Guidelines for Failure Mode and Effects Analysis
Short Description
Download Guidelines for Failure Mode and Effects Analysis...
Description
Guidelines for Failure Mode and Effects Analysis for Automotive, Aerospace and General Manufacturing Industries IMPORTANT! CAREFULLY READ THE FOLLOWING DISCLAIMER BEFORE READING OR OTHERWISE USING THESE GUIDELINES. BY USING THESE GUIDELINES, YOU, AS THE END USER, ACKNOWLEDGE THAT YOU HAVE READ THIS DISCALIMER, UNDERSTAND AND ACCEPT ALL THE TERMS AND CONDITIONS AND THAT YOU INTEND TO BE LEGALLY BOUND BY THEM. IF YOU DO NOT AGREE WITH THE TERMS OF THIS DISCLAIMER, DO NOT READ OR OTHERWISE USE THESE GUIDELINES AND RETURN IT WITH TO THE PLACE OF PURCHASE WITHIN 15 DAYS OF DELIVERY FOR A FULL REFUND. DISCLAIMER The information and material here within has been prepared in part by Dyadem Engineering Corporation (hitherto known as “DEC”) for the Dyadem Press (hitherto known as “DP”) and CRC Press is intended, in good faith, to assist you with identification of hazards and risk issues throughout a product’s life cycle as a part of the quality system. It remains your responsibility to determine its application, specific suitability and the manner in which such intended applications should be executed. It is furthermore assumed that you or your appointed personnel or appointed representatives shall be appropriately qualified for its interpretation and applicability. These guidelines are solely to assist you in the methodologies and techniques here within presented and are not to be relied upon or intended as a substitute for your own specific decision making requirements, your own specific hazards and risk analyses requirements, including, but not limited to, such techniques as, Failure Mode and Effects Analysis (FMEA), Design FMEA, Process FMEA, Service FMEA, Application FMEA, Hardware FMEA, Software FMEA, Failure Modes and Effects Criticality Analysis (FMECA), Hazard and Operability Analysis (HAZOP), and Fault Tree Analysis, and so forth, or as a substitute for professional advice associated with the aforementioned. These guidelines cannot and do not replace a qualified engineering analysis, other professional analysis and advice in the field of hazards identification, risk assessment, risk reduction, the management of risk, Risk Management Planning (RMP), Advanced Quality Planning (AQP), Product Quality Control Plans, Dynamic Control Plans, and so forth either in general or in part. It is incumbent upon you to perform your own assessment and analysis and to obtain professional advice. While every attempt has been made to present the material as accurately as possible, it does not preclude the possibility of error, either factual, typographical, contextual, interpretative, nor of you nor your personnel nor representatives making interpretation(s) unintended by DEC, CRC Press or DP.
Furthermore, you are reminded that these guidelines are not intended to replace analyses performed by qualified professional personnel. The entire risk as to the data or information supplied, use, calculations, performance results and/or consequences of these guidelines and risk analysis is with you. You assume full responsibility for compliance with rules, regulations and statutes, and for environmental, quality control, quality assurance liability, statutory or otherwise, risks, and risk assessments. You acknowledge and understand that no regulatory body or association endorses or otherwise approves these guidelines. The examples presented as part of these guidelines do not contain information about any specific known plant, process, company or individual. In addition, these guidelines do not reflect the policies of any known specific company. The subject matter is considered to be pertinent at the time of publication. However, it does not preclude the possibility of partial or total invalidation that may result from later legislation, methodologies, standards and so forth. In particular, in relation to the subject matter contained within, you are reminded that attempts to predict and guard against potential hazards can never be guaranteed, since risk can never be totally eliminated, however diligent the efforts may be. Neither DEC, DP nor Dyadem International Ltd. (hitherto known as “DIL”) shall be held liable for special or consequential damages arising directly or indirectly from the use or misuse of the information and material here within contained or referenced. In no event will DEC, DP, CRC Press DIL, the distributors or agents be liable for any damages, howsoever caused, including but not limited to, any lost profits or revenue, loss of market share, lost savings, loss of use or lack of availability or corruption of facilities including without limitation computer resources, information and stored data, indirect, special, incidental, punitive, exemplary, aggravated, economic or consequential damages, adverse outcomes, personal injury or death, contribution or indemnity, arising out of the use, or inability to use these guidelines, or for claim by any other party, even if DEC, DP, CRC Press, DIL or any of its lawful agents, distributors or employees have been advised of the possibility of such damages or claim. In no case will DEC, DP, CRC Press, DIL distributors or agents be liable in total, whether in contract, tort or otherwise and your exclusive remedy shall be regardless of the number of claims, for no more than the amount paid by you for these guidelines. Some jurisdictions do not allow the exclusion or limitation of implied warranties or limitation of liability for incidental or consequential damages, so the above limitation or exclusion may not apply to you. The foregoing paragraphs on warranty disclaimer and limitations on liability shall survive any transfer of ownership or any form of reallocation. By using these guidelines you acknowledge and understand that any dispute that arises shall be governed by and construed in accordance with the laws of Ontario and federal laws of Canada applicable therein and shall be treated, in all respects, as an Ontario contract. The Parties irrevocably submit to the non-exclusive jurisdiction of the courts of Ontario. The Parties hereby expressly exclude the application of the United Nations Convention on Contracts for the International Sale of Goods and the Sale of Goods Act (Ontario) as amended, replaced or re-enacted from time to time.
COPYRIGHT: All applicable copyright laws governing United States, Canadian and international copyright and intellectual property laws and treaties protect these guidelines. You agree that these guidelines (except for any publicly available data contained therein) are confidential to and rights to or embodied in this manual is owned by the DP. DP retains all rights not expressly granted. Copyright © 2003 Dyadem Press
Guidelines for Failure Mode and Effects Analysis for Automotive, Aerospace and General Manufacturing Industries Copyright © 2003 by Dyadem Press ISBN 0849319080 Co-Published and distributed by CRC Press All rights reserved. No part of this book may be reproduced in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the publisher. For information, write to: Dyadem Press, 9050 Yonge Street, Suite 401 Richmond Hill, Ontario Canada L4C 9S6 Phone: 905–882–5055 Fax: 905–882–5057
CRC PRESS Boca Raton London New York Washington, D.C.
This edition published in the Taylor & Francis e-Library, 2005. “To purchase your own copy of this or any of Taylor & Francis or Routledge’s collection of thousands of eBooks please go to http://www.ebookstore.tandf.co.uk/.” Library of Congress Cataloging-in-Publication Data Catalog record is available from the Library of Congress This book contains information obtained from authentic and highly regarded sources. Reprinted material is quoted with permission, and sources are indicated. A wide variety of references are listed. Reasonable efforts have been made to publish reliable data and information, but the author and the publisher cannot assume responsibility for the validity of all materials or for the consequences of their use. Neither this book nor any part may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, microfilming, and recording, or by any information storage or retrieval system, without prior permission in writing from the publisher. The consent of CRC Press LLC does not extend to copying for general distribution, for promotion, for creating new works, or for resale. Specific permission must be obtained in writing from CRC Press LLC for such copying. Direct all inquiries to CRC Press LLC 2000 N.W. Corporate Blvd., Boca Raton, Florida 33431. Trademark Notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation, without intent to infringe. Visit the CRC Press Web site at www.crcpress.com © 2003 by CRC Press LLC No claim to original U.S. Government works ISBN 0-203-00968-1 Master e-book ISBN
International Standard Book Number 0-8493-1908-0 (Print Edition)
About Dyadem Engineering Corporation
Dyadem Engineering Corporation focuses on controlling the risks associated with major hazards in the automotive, aerospace, process, medical device and general manufacturing industries, delivering a wide spectrum of services in the fields of process design, risk management, incident investigation and risk study facilitation. We offer professional training services for Failure Mode and Effects Analysis, Process Hazards Analysis, Job Safety Analysis and Ergonomics. Dyadem has also become a respected publisher of engineering manuals. Our successful Guidelines series also includes Guidelines for Failure Mode and Effects Analysis for Medical Devices and the popular Guidelines for Process Hazards Analysis, Hazards Identification & Risk Analysis.
Table of Contents
Glossary
x
CHAPTER 1 Introduction
1
CHAPTER 2 General Manufacturing, Automotive and Aerospace Quality System Standards CHAPTER 3 Industry Specific Standards for Failure Mode & Effects Analysis CHAPTER 4 Risk Management Planning
4 23
CHAPTER 5 Risk Analysis Methodologies
33
CHAPTER 6 Overview of FMEA
37
CHAPTER 7 FMEA Procedures
41
CHAPTER 8 FMEA Team
52
CHAPTER 9 Common Tools Used with FMEA
54
30
CHAPTER Pitfalls with FMEA 10
59
CHAPTER Product Life Cycle & FMEA 11
61
CHAPTER Product/Design FMEA 12
67
CHAPTER Process FMEA 13
73
CHAPTER Machinery FMEA 14
79
CHAPTER Application FMEA 15
86
CHAPTER Service FMEA 16
92
CHAPTER Hardware and Software FMEA 17
99
CHAPTER Analysis of FMEA Results 18
102
CHAPTER Overview of Failure Mode, Effects and Criticality Analysis 19 (FMECA)
104
CHAPTER Post FMEA Study 20
111
CHAPTER FMEA in Advanced Quality Planning/Advanced Product 21 Quality Planning
112
CHAPTER Product Quality Control Plans and Dynamic Control Plans 22
118
References
129
Glossary
Acceptable Quality Level (AQL): For the purposes of sampling inspection, AQL is the maximum percent defective that can be considered satisfactory as a process average. Average Outgoing Quality Limit (AOQL): For a given sampling plan, it is the maximum average quality of outgoing product after 100% screening of rejected lots. Characteristics: Distinguishing features of a process or its output on which variables or attributes data can be collected. Control Plans: A description of the system for controlling parts and processes. It is written by suppliers to address the important characteristics and engineering requirements of the product. Cpk (process capability per thousand): An index that considers both the process spread and the proximity of the process spread to specifications limits. Design Defect: An imperfection that causes a product to inadequately protect against risks of injury, fail to perform intended functions safely, inadequately safeguard against a specific danger, create unreasonably dangerous side effects, or fail to minimize avoidable consequences in the event of an accident. Design for Manufacturability (DFM)/Design for Assembly (DFA): A simultaneous engineering process designed to optimize the relationship between design function, manufacturability, and ease of assembly. Design of Experiment (DOE): An experimental technique used to manipulate process inputs in order to better understand their effects on process outputs. Detection: The probability of the failure being detected before the impact of the effect is realized. Facilitator: An expert who ideally has no vested interest in the process under investigation, but who has the knowledge and ability to guide the project leader and the team through the various process improvement steps. The facilitator will work with the client to identify the opportunity, develop a structure for the project, and contract for the boundaries of the project and timing issues. He or she should be aware of sources for information, expert advice and practical assistance. Failure Mode: A symptom, condition or fashion in which hardware fails. A failure mode might be identified as loss of function, premature function (function without demand), an out-of-tolerance condition, or a simple physical characteristic such as a leak observed during inspection. Failure Modes and Effects Analysis (FMEA): A systematic, tabular method for evaluating and documenting the causes and effects of known types of component failures. Failure Modes, Effects and Criticality Analysis (FMECA): A variation of FMEA that includes a quantitative estimate of the significance of the consequences of a failure mode.
Fault Tree: A logic model that graphically portrays the combinations of failures that can lead to specific main failure or accident. Hazard: Any situation with the potential for causing damage to life, property or the environment. Human Error: Any human action (or lack thereof) that exceeds some limit of acceptability (i.e., an out-of-tolerance action) where the limits of human performance are defined by the system. Human errors include actions by designers, operators or managers that may contribute to or result in accidents. Likelihood: A measure of the expected probability or frequency of an event’s occurrence. Manufacturing Defect: An imperfection that causes a product to fail to meet the manufacturer’s own specifications. Manufacturing defects occur when the raw materials or components used in making the product contain unacceptable flaws, or there are assembly mistakes. Original Equipment Manufacturer (OEM): Entity holding design rights to any product. The OEM is not necessarily the manufacturer, designer or distributor of the product. Occurrence: The probability or frequency of the failure occurring. Process Capability Index (CpK): A measure of both process dispersion and its centering about the average. Quality Function Deployment (QFD): A structured method in which customer requirements are translated into appropriate technical requirements for each stage of product, development and production. Quality System: The organization, structure, responsibilities, procedures, processes and resources for implementing quality management. It is a method of maintaining consistent quality for producing products or providing services that consistently meet or exceed the customer’s implied or stated needs. Quantitative Risk Analysis: The systematic development of numerical estimates of the expected frequency and/or consequence of potential accidents associated with a facility or operation based on engineering evaluation and mathematical techniques. Repeatability: Variation in measurements obtained with one gage when used several times by one appraiser while measuring a characteristic on one part. Reproducibility: Variation in the average of the measurements made by different appraisers using the same gage when measuring a characteristic on one part. Residual Risk: Risk remaining after protective measures have been taken. Risk: A measure of the consequence of a hazard and the frequency with which it is likely to occur. Risk Analysis: Systematic use of available information to identify hazards and to estimate the risk. Risk Assessment: Overall process of risk analysis and risk evaluation. Risk Evaluation: Judgment based on the risk analysis to determine whether the risk is acceptable given the context and the current values of society. Risk Management: The systematic application of management policies, procedures and practices to the tasks of analyzing, assessing and controlling risk in order to protect employees, the general public, the environment and company assets.
Safety: A judgment of the acceptability of risk. An activity is deemed as “safe” if its risks are judged to be acceptable when compared with other common daily activities. No activity is totally free from risk. Provided the activity is undertaken, risk can never be totally eliminated. However, it can usually be reduced to acceptable levels with the use of adequate safeguarding. Statistical Process Control (SPC): Use of statistical techniques to analyze a process or its output in order to take appropriate actions to achieve and maintain a state of statistical control and to improve the capability of the process. Value Engineering (VE): A planned, clean sheet approach to problem solving, focusing on specific product design and process characteristics. Value engineering is employed to maximize value prior to expenditures of facilities and tooling money.
CHAPTER 1 Introduction
Product quality planning and assessment are critical to assure that a product meets the requirements of the customer and that it satisfies all safety and regulatory requirements. One of the key elements to success is to manage and reduce risk effectively throughout the product’s life cycle. This requires a delicate balance between risk, cost and performance. Risk management provides the required decision framework centered on understanding risks and evaluating their acceptability by weighting technical and economic practicability against risk/benefits. It manages the residue risk, as risk cannot be completely eliminated. To reduce risk, it is essential to identify hazards, evaluate the associated potential consequences and their likelihood, and then estimate the risk. A number of analysis techniques, including top-down and bottom-up approaches, can be used. These techniques include Failure Mode and Effects Analysis (FMEA), Hazard and Operability Analysis (HAZOP) and Fault Tree Analysis (FTA). These Guidelines focus on FMEA and its application throughout the product’s life cycle. Other topics include regulatory requirements relating quality system analysis in the automotive, aerospace and general manufacturing industries, risk management, Failure Mode, Effects and Criticality Analysis (FMECA), Control Plans and Advanced Product Quality Planning. The following list describes the organization of the manual: Chapter 2—Automotive, Aerospace and General Manufacturing Quality System Standards Quality system regulations and specifications associated with the automotive, aerospace and general manufacturing industries are reviewed in this chapter for the purpose of identifying the requirements for Failure Mode and Effects Analysis and Control Plans in the Product Quality Cycle. The intent of this chapter is to provide the readers with a general overview of the regulatory requirements related to the above-mentioned industries in the United States and in Europe. Chapter 3—Industry Specific Standards for Failure Mode and Effects Analysis This chapter reviews the current industry-specific standards and technical specifications that provide guidelines for performing FMEA.
Guidelines for failure mode and effects analysis
2
Chapter 4—Risk Management Planning This chapter briefly describes the essence of risk management planning. Chapter 5—Risk Analysis Methodologies This chapter gives an overview of Hazard and Operability Analysis (HAZOP) and Fault Tree Analysis (FTA), which are risk analysis techniques commonly used in the automotive, aerospace and general manufacturing industries as alternatives to Failure Mode and Effects Analysis. Chapter 6—Overview of FMEA This chapter is an introduction to Failure Mode and Effects Analysis (FMEA). It outlines the objectives of FMEA, reasons and benefits of performing FMEA and the limitations of the technique. Chapter 7—FMEA Procedures This chapter describes the basic terminology and process used in FMEA. In addition, the procedures for setting up, conducting and following up FMEA are described. Chapter 8—FMEA Team This chapter describes the responsibilities of FMEA team members and the facilitator/team leader. Chapter 9—Common Tools Used with FMEA This chapter gives an overview of tools commonly used with FMEA, including process flowcharts, block diagrams and Pareto charts. Chapter 10—Pitfalls with FMEA This chapter describes some major pitfalls that can arise while conducting FMEA studies. Chapter 11—Product Life Cycle & FMEA This chapter outlines the application of FMEA at various stages in a product’s life cycle. It also introduces the use of Control Plans as a tool to document the design and process characteristics required for the manufacturing of an item/component or system. Chapter 12—Product/Design FMEA This chapter describes the objectives of Product/Design FMEA (D-FMEA), recommended team members and recommended information to be included in the FMEA worksheet. It also provides rating guidelines for severity, occurrence and detection. Chapter 13—Process FMEA This chapter describes the objectives of Process FMEA (P-FMEA), recommended team members and recommended information to be included in the FMEA worksheet. It also provides rating guidelines for severity, occurrence and detection. Chapter 14—Machinery FMEA
Introduction
3
This chapter describes the objectives of Machinery FMEA (M-FMEA), recommended team members and recommended information to be included in the FMEA worksheet. It also provides rating guidelines for severity, occurrence and detection. Chapter 15—Application FMEA This chapter describes the objectives of Application FMEA (A-FMEA), recommended team members and recommended information to be included in the FMEA worksheet. It also provides rating guidelines for severity, occurrence and detection. Chapter 16—Service FMEA This chapter describes the objectives of Service FMEA (S-FMEA), recommended team members and recommended information to be included in the FMEA worksheet. It also provides rating guidelines for severity, occurrence and detection. Chapter 17—Hardware and Software FMEA This chapter provides an overview of Hardware and Software FMEA. Chapter 18—Analysis of FMEA Results This chapter provides a brief overview of Failure Mode Ratios, Failure Equivalence Numbers and process variation indices. Chapter 19—Overview of Failure Mode, Effects and Criticality Analysis (FMECA) This chapter provides an overview of Failure Mode, Effects and Criticality Analysis (FMECA), including the terminology and the worksheets used in the analysis for both quantitative and qualitative approaches. Chapter 20—Post FMEA Study This chapter describes the required steps to be taken after the completion of the FMEA. Chapter 21—FMEA in Advanced Quality Planning/Advanced Product Quality Planning This chapter provides a brief overview of Advanced Quality Planning (AQP) and Advanced Product Quality Planning (APQP) and the use of FMEA in quality planning. Chapter 22—Product Quality Control Plans and Dynamic Control Plans This chapter provides an overview of Control Plans and Dynamic Control Plans and their elements.
CHAPTER 2 General Manufacturing, Automotive and Aerospace Quality System Standards
Quality system standards and specifications associated with the automotive, aerospace and general manufacturing industries are reviewed in this chapter for the purpose of identifying the requirements for Failure Mode and Effects Analysis and Control Plans in the Product Quality Cycle. This chapter provides only a brief overview of each document, and anyone who wants to fulfill the regulatory and industrial requirements should obtain a copy of the respective documents from the International Organization for Standardization (ISO), Society of Automotive Engineers (SAE) or other publishing organizations in order to ensure that all documentation required for registration is completed. As regulations and standards are periodically updated, it is the reader’s responsibility to ensure the applicability of these documents. General Manufacturing Industry ISO 9000 Series The ISO 9000 family of international quality management standards and guidelines has earned a global reputation as the basis for establishing quality management systems. The familiar three standards—ISO 9001, ISO 9002 and ISO 9003—have been integrated into the new ISO 9001:2000. This new standard specifies requirements for a quality management system for any organization that needs to demonstrate its ability to consistently provide products that meet customer and applicable regulatory requirements and aims to enhance customer satisfaction. The standard is used for certification/registration and contractual purposes by organizations seeking recognition of their quality management system. The greatest value is obtained when the entire family of standards is used in an integrated manner. In order to achieve a first level of performance, it is suggested that ISO 9001:2000 be adopted, beginning with ISO 9000:2000. The practices described in ISO 9004:2000 may then be implemented to make the quality management system increasingly effective in achieving the business goals. ISO 9001:2000 and ISO 9004:2000 have been formatted as a consistent pair of standards to facilitate their use. Using the standards in this way will allow them to be
General manufacturing, automotive and aerospace quality system standards
5
related to other management systems (e.g. environmental) and many sector-specific requirements (such as ISO/TS/16949 in the automotive industry), and it will help to gain recognition through national awards programs. The following table presents all the standards listed in the ISO 9000 series:
Table 2.1: List of standards in the ISO 9000 series Standard Title
Description
ISO 9000:2000, Quality management systems—Fundamentals and vocabulary
Establishes a starting point for understanding the standards and defines the fundamental terms and definitions used in the ISO 9000 family so you avoid misunderstandings in their use.
ISO 9001:2000, Quality management systems—Requirements
This is the requirement standard you use to assess your ability to meet customer and applicable regulatory requirements and thereby address customer satisfaction. It is now the only standard in the ISO 9000 family against which third-party certification can be carried.
ISO 9004:2000, Quality management systems—Guidelines for performance improvements
This guideline standard provides guidance for continual improvement of your quality management system to benefit all parties through sustained customer satisfaction.
ISO 19011, Guidelines on Quality and/or Provides you with guidelines for verifying the Environmental Management Systems Auditing system’s ability to achieve defined quality (currently under development) objectives. You can use this standard internally or for auditing your suppliers. ISO 10005:1995, Quality management Guidelines for quality plans
Provides guidelines to assist in the preparation, review, acceptance and revision of quality plans.
ISO 10006:1997, Quality management Guidelines to quality in project management
Guidelines to help you ensure the quality of both the project processes and the project products.
Standard Title
Description
ISO 10007:1995, Quality management— Guidelines for configuration management
Gives you guidelines to ensure that a complex product continues to function when components are changed individually.
ISO/DIS 10012, Quality assurance requirements for measuring equipment—Part 1: Metrological confirmation system for measuring equipment
Give you guidelines on the main features of a calibration system to ensure that measurements are made with the intended accuracy.
ISO 10012–2:1997, Quality assurance for measuring equipment—Part 2: Guidelines for control of measurement of processes
Provides supplementary guidance on the application of statistical process control when this is appropriate for achieving the objectives of Part 1.
ISO 10013:1995, Guidelines for developing
Provides guidelines for the development and
Guidelines for failure mode and effects analysis
quality manuals
6
maintenance of quality manuals tailored to your specific needs.
ISO/TR 10014:1998, Guidelines for managing Provides guidance on how to achieve economic the economics of quality benefits from the application of quality management. ISO 10015:1999, Quality management Guidelines for training
Provides guidance on the development, implementation, maintenance and improvement of strategies and systems for training that affects the quality of products.
ISO/TS 16949:1999, Quality systems— Automotive Suppliers—Particular requirements for the Application of ISO 9001:1994
Sector-specific guidance to the application of ISO 9001 in the automotive industry.
Automotive Industry a. Quality System Requirements—QS 9000:1998 Quality System Requirements, QS-9000 was developed by the Chrysler/Ford/General Motors Supplier Quality Requirements Task Force. This system was developed to standardize the reporting formats, technical nomenclature and reference manuals. QS9000 is a harmonization of Chrysler’s Supplier Quality Assurance Manual, Ford’s Q-101 Quality System Standard and General Motors’ NAO targets for Excellence. QS-9000 is structured according to ISO 9001:1994 Section 4 and includes automotive specific requirements to the general ISO requirements for a supplier’s quality system. QS-9000 applies to the following: Internal and external supplier sites of— a. Production materials; b. Production or service parts; c. Heat treating, painting, plating or other finishing services directly to OEM customers subscribing to QS-9000. Providers of— a. Semiconductors in conjunction with the Semiconductor Supplement issued by Chrysler, Ford and Delco Electronics; b. Tooling and equipment in conjunction with the Tooling and Equipment (TE) Supplement issued by the Big Three (Chrysler/Ford/General Motors). Proof of conformance to QS-9000 is certification/registration by an accredited third party, such as Underwriter’s Laboratories (UL) or the American Bureau of Shipping (ABS). Companies that become registered under QS-9000 will be considered to have higher standards and better-quality products. QS-9000 has the following two sections: Section 1: contains ISO-based Requirements (section 4 of ISO 9000:1994).
General manufacturing, automotive and aerospace quality system standards
7
Section 2: contains customer-specific requirements (Ford, Chrysler, GM and OEM specific requirements). QS-9000 is sometimes seen as being identical to ISO 9000, but this is not true. Even though each element of ISO 9000 is an element of QS-9000, QS-9000 adds clauses to the majority of the ISO 9000 elements. For example, QS-9000 adds requirements for a business plan, tracking customer satisfaction and bench marking to element 4.1 of ISO 9000, Management Responsibility. QS-9000 also uses sector-specific requirements. The following requirements are not based on ISO 9000: • Production part approval process; • The requirements for gaining approval from the customer to run a new or altered part or process; • Continuous improvement; • Automotive suppliers are required to have systems in place to ensure that organized, measurable improvement activities take place for a variety for business aspects; • Ensure sufficient manufacturing capabilities; • Requirements for planning and effectiveness for equipment, facilities and processes; • Requirements for mistake proofing and tooling management. Section I—ISO 9000-based requirements include the following elements as per ISO 9000:1994 section 4 4.1 Management Responsibility • This element and its sub-elements require the company to define and document the objectives for quality and its commitment to quality; • A clear structure of responsibility and authority levels should be established to meet the quality requirements; • A management review should be conducted to ensure that the quality system requirements are met continuously; • The supplier should maintain a well-documented business plan, although this document is not subject to third party audit; • The supplier should document trends in quality, productivity, efficiency, effectiveness, and cost of poor quality and periodically compare with those of competitors; • A well-documented process should be maintained to determine customer satisfaction. 4.2 Quality System • A quality system should be established and maintained to ensure the conformity of the product to specified requirements. Quality planning is key to the establishment of a good quality system. Preparation of quality plans, as per 4.2.3, include the following: Identification and acquisition of controls, processes, equipment, fixtures, resources and skills for the required quality; Ensuring the capability of the design, the production process, installation, servicing, inspection and test procedures;
Guidelines for failure mode and effects analysis
8
Updating of quality control, inspection and testing techniques as required; Identification of measurement requirements for the needed capability; Identification of suitable verification at appropriate stages; Clarification of standards of acceptability; Identification and preparation of quality records. • Advanced Product Quality Planning (APQP) should be established and implemented. The APQP should include these elements: Development/finalization of special characteristics (this could be identified from the dimensional, material, appearance, performance product characteristic categories); Feasibility reviews to ensure the capability of producing the proposed products; Product Safety should be considered in the design control/process control policies; Development and review of FMEAs: ▪ Process FMEA should consider all special characteristics. Methods for defect prevention should be encouraged instead of defect detection; ▪ Establishment of actions to reduce the potential failure modes with high risk priority numbers. Mistake-proofing methods should be established; Development/review of Control Plans: ▪ Control Plans should be developed at the system, subsystem and component or material level; ▪ Control Plans should be established for the Prototype, Pre-launch and Production phases of the product. The output of APQP is the Control Plan. Control Plans are reviewed and updated when any of the following happens: ▪ Change in product; ▪ Change in process; ▪ Increased variance in the process (highly unstable); ▪ Processes become non-capable; ▪ Inspection, method, frequency, etc. is revised. Product Part Approval should be established as required by the Product Part Approval Process (PPAP) documentation released by the Automotive industry; Efforts should be taken/established/defined for the continuous improvement of product quality; The following techniques could be used for the continuous improvement of the product: ▪ Control charts; ▪ Design of experiments; ▪ Theory of constraints; ▪ Overall equipment effectiveness; ▪ Parts-per-million analysis; ▪ Value analysis; ▪ Benchmarking;
General manufacturing, automotive and aerospace quality system standards
9
▪ Analysis of motion/ergonomics; ▪ Mistake proofing. Documentation should be established to ensure the effectiveness of facilities, equipment, tooling and process planning. 4.3 Contract Review Procedures should be established and documented for the selection of suppliers, award of contracts, etc. 4.4 Design Control This element applies to suppliers who are responsible for the design of a new product or who have the authority to change/modify an existing product design. A plan for each design and development activity should be established. Design Input requirements relating to the product, including applicable statutory and regulatory requirements, should be identified and documented. Design Output should be verified, validated and documented. As per the Design Output—Supplemental—4.4.5.1 of this document, the supplier’s design output shall be the result of a process that includes: • Efforts to simplify, optimize, innovate, and reduce waste (e.g. QFD, DFM/DFA, VE, DOE, Tolerance studies, response methodology, or appropriate alternatives); • Utilization of geometric dimensioning and tolerancing, as applicable; • Analysis of cost/performance/risk trade-offs; • Use of feedback from testing, production and field; • Use of design FMEAs. Reviews of design results should be conducted and documented at appropriate stages. Design changes should be documented and approved before implementation. 4.5 Document and Data Control As per Document and Data Control Element 4.5.1, the Supplier shall establish and maintain documented procedures to control all documents and data that relate to the requirements of ISO 9000 including, to the extent applicable, documents of external origin such as standards and customer drawings. Examples of appropriate documents include: ▪ Engineering drawings; ▪ Engineering standards; ▪ Math (CAD) data; ▪ Inspection instructions; ▪ Test procedures; ▪ Work instructions; ▪ Operation sheets; ▪ Quality manual;
Guidelines for failure mode and effects analysis
10
▪ Operational procedures; ▪ Quality assurance procedures; ▪ Material specifications. Engineering Specifications—4.5.2.1 requires the supplier to establish a procedure to assure timely review (e.g. business “days” not weeks or months), distribution and implementation of all customer engineering standards/specifications and changes. The supplier shall maintain a record of the date on which each change is implemented in production. A change in the engineering specification should require updated Production Part Approval Process (PPAP) documents i.e. FMEAs, Control Plans, etc., when these specifications are referenced on the design record. 4.6 Purchasing The supplier should establish and maintain documented procedures to ensure that the purchased product for ongoing production conforms to specified requirements, including Government, Safety and Environmental regulations (4.6.1.1 & 4.6.1.2). Requirements for the selection of contractors and subcontractors should be defined and documented. The supplier shall perform subcontractor quality system development with the goal of subcontractor compliance to QS-9000 using Section I of QS-9000 as their fundamental quality system requirement. Required product identification information for the purchased products and the verification methods should be defined and documented. 4.7 Control of Customer Supplied Product Procedures for the control of verification, storage and maintenance of a customer supplied product should be established and documented. 4.8 Product Identification and Traceability Procedures should be established to identify the product from production, delivery, installation and storage stages. 4.9 Process Control Production, installation and servicing processes that would adversely affect the quality of the product should be identified, planned and carried out under the following controlled conditions: ▪ Stepwise documentation for production, installation and servicing and the impact of these procedures on product quality; ▪ Use of suitable equipment and working environment; ▪ Identification and documentation of contingency plans in case of emergency; ▪ Compliance with reference, standards/codes and quality plans;
General manufacturing, automotive and aerospace quality system standards
11
▪ Process parameters and product characteristics, especially defined special characteristics, which would affect the product’s safety, compliance with government regulations, fit, function, appearance or quality of subsequent operations should be monitored; ▪ Routine for approval of processes and equipment; ▪ Documented criteria for workmanship; ▪ Documentation for suitable maintenance/preventive maintenance for equipment. Each employee responsible for the operation and monitoring of the process should have documented operator instructions. The instructions can be included in any of the following documents: ▪ Process sheets; ▪ Inspection and laboratory test instructions; ▪ Test procedures; ▪ Standard operation sheets. Process control should be maintained by ensuring process capability or performance as approved via PPAP. When product data indicate a high degree of capability, the Control Plan should be revised. Process changes should be documented and maintained. 4.10 Inspection and Testing Procedures for inspection and testing activities to verify that the requirements for the product are met should be established, documented and maintained. Procedures should be established to ensure that the incoming product is inspected and tested before it is used in the production. Procedures should be established as required by the quality plan i.e. Control Plans and/or other documented procedures to inspect the manufactured product, and the test results should be recorded and maintained. 4.11 Control of Inspection, Measuring and Test Equipment Procedures should be established for the calibration, inspection and control of the test equipment used to demonstrate the conformance of the product to the specified requirements, and the records should be maintained. Appropriate Statistical Analysis tools should be used to evaluate the variation in the measurement analysis. 4.12 Inspection and Test Status Based on the inspection and test status, the conformance/nonconformance of the product should be documented. This should be conducted as defined in the Quality Plan (Control Plan) throughout production, installation and servicing of the product to ensure that products that meet the conformance are released to the customer.
Guidelines for failure mode and effects analysis
12
4.13 Control of Nonconforming Product Procedures should be established and maintained for the identification, documentation, evaluation, segregation and disposition of products that do not conform to specified requirements. 4.14 Corrective and Preventive Action Required procedures for corrective action implementation (as per 4.14.2): ▪ Effective handling of customer complaints and product nonconformities reports; ▪ Investigation and recording of the cause of nonconformitites; ▪ Required corrective action and the application of controls to eliminate the cause of nonconformities. Required procedures for preventive action implementation (as per 4.14.3): ▪ Appropriate sources of information (processes/operations that affect product quality, concessions, audit results, quality records, service reports and customer complaints) to detect, analyze and eliminate potential causes of nonconformities; ▪ Identification of problems requiring preventive action; ▪ Initiation of preventive action and application of controls. This is to ensure the preventive action is effective; ▪ Information on actions taken is submitted for management review. 4.15 Handling, Storage, Packaging, Preservation and Delivery Procedures should be established for the handling, storage, packaging, preservation and delivery of products. These procedures should include: ▪ Methods of handling the product; ▪ Storage conditions; ▪ Packaging standards; ▪ Labeling systems; ▪ Delivery performance monitoring; ▪ Electronic communication and shipment notification system. 4.16 Control of Quality Records Procedures should be established and documented for the identification, collection, indexing, access, filing, storage, maintenance and disposition of quality records. Quality performance records—i.e., control charts, inspection and test results—should be retained for a minimum of one calendar year after the year in which they were created. Records of internal quality system audits and management review should be retained for a minimum of three years.
General manufacturing, automotive and aerospace quality system standards
13
4.17 Internal Quality Audits Procedures should be established for the implementation of quality audits to verify the effectiveness of the quality system. 4.18 Training Procedures should be established for conducting the training of all personnel. Training records should be maintained and the effectiveness of the training program should be reviewed periodically. 4.19 Servicing When servicing of the product is a requirement, procedures should be established defining the specifications for servicing and verifying that specified requirements are met. 4.20 Statistical Techniques Statistical tools should be identified during product quality planning and must be included in the Control Plan. Section II—Customer-Specific Requirements Chrysler-Specific Requirements • Production and part suppliers to Chrysler should be QS-9000 registered; • Products should be developed based on Product Assurance Planning (PAP) method or APQP and Control Plan; • Significant characteristics should be identified and Special Characteristics should be identified by the symbols specified by Chrysler; • An annual layout inspection to ensure continuous conformance to all Chrysler requirements should be conducted; • Product Verification/Design Validation should be performed based on Chrysler’s specification; • Internal Quality Audits should be conducted at least once per year. The Corrective Action Plan should include the following: • Description of the nonconformance; • Definition/root cause; • Interim action and effective date; • Permanent action and effective date; • Verification; • Control; • Prevention;
Guidelines for failure mode and effects analysis
14
• Approval of appearance masters, process approval, packaging, shipping and labeling should be performed according to Chrysler specifications. Ford-Specific Requirements • Suppliers to Ford are not required to have third party registration, except for Ford Australia’s unique suppliers, who should have third party registration; • Control Item parts that have critical characteristics that may affect the safe operation of the vehicle and/or compliance with government regulations are required to have Control Plans and FMEAs approved by Ford’s design and quality engineers; • All product characteristics are required to be measured annually to demonstrate conformance to specified requirements; • Setup verification is required for all critical and significant characteristics; • Lot traceability and Material Analysis for heat-treated and non-heat-treated parts should be included in the Control Plan for control items. And those who provide heat treating should comply with Ford’s requirements (W-HTX, WSS-M99A3-A); • Process changes and design changes for supplier-responsible designs require Ford’s approval if specified in the design record; • Corrective action should be taken if engineering specification does not confirm design intent; • Ford’s Quality Operating System methodology should be implemented; • APQP guidelines should be used. GM-Specific Requirements QS-9000 applies to all contracted GM suppliers. GM suppliers should refer to the forms noted in QS-9000 to address the requirements that are applicable to them. Other OEM-Specific Requirements Suppliers to Mack Trucks Inc., Navistar International Transportation Corp., PACCAR Inc., Volvo Truck North America, Mitsubishi Motors—Australia and Toyota Australia require QS-9000 registration and additional supplier quality requirements. b. ISO/TS 16949:1999—Quality Systems—Automotive Suppliers— Particular Requirements for the Application of ISO 9001:1994 TS 16949 is a new sector-specific automotive standard for the application of ISO 9001:1994. TS 16949 is a standard that has support from automotive groups from around the world. The concept is to have a single standard that all automotive suppliers can implement, and it is recognized in the U.S., Europe, Asia, Mexico, etc. Currently, a company doing business in different parts of the world with different auto manufacturers has to get certified to the local standard. This technical specification is applicable to production and service part supplier and subcontractor “sites” providing:
General manufacturing, automotive and aerospace quality system standards
15
a. Parts or materials, or b. Heat treating, painting, plating or other finishing services, or c. Other customer-specified products. The International Automotive Task Force (IATF) has been working with the ISO community on updating ISO/TS 16949 to align it with ISO 9001:2000. The expectation is that, sometime in 2002, the new ISO/TS 16949 will be released for use by automotive suppliers around the world. How APQP, PPAP and the other AIAG reference manuals will figure into the new ISO/TS 16949 is still not clear, although Ford has just announced in its new Q1–2002 program that its suppliers must be registered to either QS-9000 or ISO/TS 16949 and to ISO 14001 (Environmental management system—specification with guidance for use) c. QS 9000 vs. ISO/TS 16949 ISO/TS 16949 harmonizes the supplier quality requirements of the U.S. Big Three (QS9000, Third Edition) and French, German and Italian automakers. Of the European requirements, perhaps the most familiar in the United States is the German VDA 6.1, to which Volkswagen has required North American suppliers to its Mexican operations to be registered. The goal was to create a single document and a single third-party registration that the European automakers and the U.S. Big Three would accept. Each company considering registration to ISO/TS 16949 should obtain the document as quickly as possible, because a close reading of ISO/TS 16949 will be necessary to determine the extent of needed revisions. However, the following element-by-element summary explains the direction and extent of the changes. 4.1—Management responsibility: • A number of additions to this element are clearly intended to focus suppliers’ attention on continuous quality improvement; • Suppliers must establish goals, objectives and measurements to develop their quality policies; • Continuous improvement in quality, service, cost and technology must be covered in the quality policy; • Quality-responsible personnel’s authority to stop production is no longer a “note” or suggestion, as in QS-9000, but a requirement; • All production shifts must be staffed with personnel responsible for quality; • The management review requirement is expanded to include the “performance (of the QMS) over time as an essential part of the continuous improvement process;” • Evaluation of the cost of poor quality was a parenthetical note in QS-9000, but is a specific requirement of ISO/TS 16949; • Suppliers must develop a process for motivating employees to achieve quality objectives and providing employees at all levels with “quality awareness;” • Customer experience with the supplier’s product must be communicated in a timely manner;
Guidelines for failure mode and effects analysis
16
• Finally, the “due care for product safety” requirement from QS-9000 has been expanded to minimize risks to employees, customers and the environment. 4.2—Quality system: • The term “product realization” is introduced to cover the entire process of designing, planning and delivering products that meet customer requirements; • A requirement for a project manager and a project team is introduced; • The modifying phrase “If a project management approach is used” suggests that this approach is preferred, if not actually required. Continuing to expand the project management concept, ISO/TS 16949 requires that a method be established for measuring the product-realization process against appropriate mileposts, with appropriate analysis and management review; • The factors to be measured include quality, risks, costs and lead times. Process capability studies must be conducted on all new processes; • Results for the capability studies must be used to establish requirements for production equipment where applicable. Inclusion of all special characteristics on Control Plans, although always implicit, is now explicitly required; • ISO/TS 16949 also has a requirement for procedures on developing and verifying the product-realization process; • Detailed procedural requirements for process design inputs and outputs have been added, including a verification of the inputs vs. the outputs; • The use of the “customer-recognized product approval process” (e.g., production part approval process [PPAP]) is mandated rather than recommended as in QS-9000, although General Motors has had a customer-specific requirement for subsupplier PPAP for some time; • Additionally, when the customer so requires, special verification methods for new products must be implemented. 4.3—Contract review: Suppliers must have a formal process for identifying cost elements and employ this process in the preparation of price quotations for new products. 4.4—Design control: • The requirement for skill qualifications of the supplier’s design team is now a “shall” rather than a “should”; • Suppliers must have access to research and development to support product innovation. Analysis of competitive products is identified as one alternative source of input for the design process; • For design changes, the impact on the customer’s assembly operations is added to the factors that the supplier must consider for each change.
General manufacturing, automotive and aerospace quality system standards
17
4.5—Document and data control: There are no significant changes in this section. 4.6—Purchasing: Suppliers must encourage their subsuppliers to comply with ISO/TS 16949. However, there’s no target date for compliance, nor is there an expectation of third-party registration for subsuppliers. 4.7—Control of customer-supplied products: There are no significant changes in this section. 4.8—Product identification and traceability: There are no significant changes in this section. 4.9—Process control: • The term “process monitoring and operator instructions” has been replaced with the simpler “job instructions,” which “shall” rather than “should” be accessible at the job station without disruption; • These job instructions shall be derived from “appropriate sources,” including the Control Plan and the entire product-realization process; • Significant process events shall be noted on control charts. 4.10—Inspection and testing: • The incoming material requirements now allow the customer to waive the required control methods; • Following the precedent of the Third Edition of QS-9000, requirements for internal laboratories are further strengthened. These laboratories, which include precision metrology and calibration as well as traditional laboratory functions, must now comply with ISO/IEC 17025 (General requirement for the competence of testing & calibration laboratories), although third-party accreditation to that document is not required. 4.11—Control of inspection, measuring and test equipment: Methods and criteria for measurement system analysis shall conform to customer reference manuals (e.g., the Big Three Measurement Systems Analysis manual).
Guidelines for failure mode and effects analysis
18
4.12—Inspection and test status: There are no significant changes in this section. 4.13—Control of nonconforming product: Progress on corrective action plans shall be regularly reviewed. A requirement has been added for customer notification when nonconforming material has been shipped. 4.14—Corrective and preventive action: There are no significant changes in this section. 4.15—Handling, storage, packaging, preservation and delivery: • The controls implemented for nonconforming products must also be used for obsolete products; • If delivery will not happen according to schedule, the supplier must notify the carrier as well as the customer of the anticipated delivery problem. 4.16—Control of quality records: • The requirements for scheduling the supplier’s production process have been defined in greater detail; • There must be a scheduling process based on meeting the customers’ requirements, such as just-in-time; • The information technology must support access to production data at key production checkpoints. 4.17—Internal quality auditing: • Internal audits must be performed on all shifts and must include all activities affected by ISO/TS 16949 and all relevant customer requirements. Specifically, the internal audit must include an evaluation of the effectiveness of the product-realization and production process; • A product audit has been included in 4.17 that includes the “final product” audit required in QS-9000 and expands it to include all specified requirements at appropriate points in the production and delivery process; • Internal auditors must meet customer-established criteria. 4.18—Training: Additions include requirements for on-the-job training for new or modified jobs affecting quality and for training on customer-specific requirements.
General manufacturing, automotive and aerospace quality system standards
19
4.19—Servicing: If the supplier provides post-sale servicing, the effectiveness of service centers’ special equipment and personnel training must be re-evaluated. 4.20—Statistical techniques: Appropriate statistical methods shall be determined during the planning process, and these methods shall be understood throughout the organization. The sheer number and broad implications of these additions clearly indicate that a great deal of effort will be required to migrate from a QS-9000-based Quality Management System (QMS) to one that can be registered to ISO/TS 16949. However, there’s no need to drop everything for ISO/TS16949 now; it will exist as an alternative to QS-9000 for a substantial period, perhaps 12 to 24 months. ISO/TS 16949 will be revised to mesh with the new ISO 9001. At that time, the countdown will begin for the possible replacement of QS-9000 with ISO/TS 16949. Nevertheless, automotive suppliers will want to prepare for ISO/TS 16949 with greater urgency than this scenario might suggest: Early evaluation of ISO/TS 16949 will allow suppliers to develop the most cost-effective ways to meet these new and revised requirements. d. VDA 6.1 VDA 6.1 is the German Quality Management System for the automotive industry. Verband der Automobilindustrie e. V. (VDA) issued the 4th edition in December 1998 and it became mandatory for all German car manufacturers on April 1, 1999. Based on ISO 9001:1994, it includes all elements of QS-9000, with an additional four requirements specific to VDA 6.1 as follows: • Element 06.3 Recognition of product risks—These are the risks of the product fulfilling its own function and its effect on the whole assembly; • Element Z1.5 Employee satisfaction—The perception of the employees of the company, as well as the needs and expectations of the employees that will be met through the company’s quality approach; • Element 07.3 Quotation structure—A customer or market is offered products for purchase or made available to own or to use; • Element 12.4 Quality history—The system describes the quality history of customer supplied product and gives an overview of the situation during a particular period. The VDA standard is broken into two parts, with the first classed as management and the second focusing on products and processes. Any company that goes through an audit must achieve at least 90 percent correct on all questions to obtain registration.
Guidelines for failure mode and effects analysis
20
Aerospace Industry a. AS9000—Aerospace Basic Quality System AS9000, Aerospace Basic Quality System, is the aerospace version of ISO 9000 and was published in 1997. AS9000 contains ISO 9001 in its entirety with the addition of 27 clarifications or qualifiers and eight notes to the existing 20 elements of ISO 9001. A consortium of aerospace prime contractors, operating as a subcommittee (Americas Aerospace Quality Group, AAQG) under the Aerospace and Defense Division of the American Society for Quality Control, developed the document. Companies that contributed to the development of AS9000 include the following: • AlliedSignal; • Allison Engine Company; • Boeing; • General Electric Engines; • Lockheed Martin; • McDonnell Douglas; • Northrop Grumman; • Pratt & Whitney; • Rockwell—Collins; • Sikorsky Aircraft; • Sundstrand. Aerospace is significantly more safety and quality sensitive than most other industries. Procurement Quality Assurance at prime contractors believes ISO alone is not sufficient to define supplier quality system requirements. Primes currently require purchase order adders for ISO 9000 registered suppliers with each prime having their own unique adders. The Federal Aviation Administration (FAA) believes ISO alone is not adequate to meet regulatory requirements and FAA expectations. FAA has indicated that it will accept AS9000 under defined circumstances including: • Primes maintain liability and responsibility; • Primes must demonstrate oversight of all third-party audits; • Criteria for acceptance of demonstrated compliance must be defined. The Department of Defense (DOD) accepts ISO 9000, however, DOD expects more than ISO 9000 at primes. The DOD has expectations of advanced quality systems from prime contractors, and many DOD requirements (i.e., configuration management) are added by other required specifications. In addition to contractual requirements, DOD primes have a significant financial exposure with regard to supplier quality. AS9000 represents a dramatic streamlining of current aerospace quality standards. From the DOD through the FAA, to each prime contractor and subcontractor, there is a multiplicity of unique requirements imposed on the aerospace suppliers, creating a huge burden with little added value. AS9000 represents a significant step towards standardizing and consolidating the aerospace quality processes.
General manufacturing, automotive and aerospace quality system standards
21
b. AS9100—Quality Systems Aerospace—Model for Quality Assurance in Design, Development, Production, Installation, and Servicing The Society of Automotive Engineers (SAE International) published AS9100 Quality Systems—Aerospace—Model for Quality Assurance in Design, Development, Production, Installation, and Servicing, in March 2000, the first international aerospace quality systems standard. AS9100 is technically equivalent to the European version, published by The European Association of Aerospace Industries (AECMA) as prEN9100. In North America, AS9100 replaces AS9000 as the registration standard for suppliers to the aerospace industry. AS9000 will become obsolete when revisions to AS9100 based on ISO 9001:2000 revisions are incorporated. The existing version of ISO 9100 and AS9100 is expected to remain available for use until November 2003. This will allow users to transition to the new version. The ISO Aerospace Technical Committee 20, Working Group 11, in association with the American Aerospace Quality Group (AAQG) in the U.S. and the European Association of Aerospace Industries, AECMA in Europe, and other countries such as Japan, China, Mexico and Brazil, developed the quality systems standard for use by aerospace companies worldwide. AS9100 was developed using ISO9001, AS9000 and EN9000–1, and it builds upon their requirements to produce a globally harmonized standard that meets the requirements of aerospace companies worldwide. The first standard available for use across the global aerospace community, AS9100, adds the additional requirements necessary to address both civil and military aviation and aerospace needs. Based on industry need, major changes to the AS9000 document have been made to accommodate the changes in the industry and worldwide focus on quality and safety. Significant changes and/or additions have been made in the following areas: configuration management; reliability, maintainability, and safety; process control; purchasing; design verification and validation testing; first article inspection; corrective action; inspection and test status; servicing, delivery, investigation, and control of technical documentation and expansion of the internal audit requirement. With major industry manufacturers on board, companies at all levels in the aerospace supply chain will need this document to keep up with the worldwide changes in standardization and stay competitive in the industry. AS9100 is based on ISO 9001. AS9100 adds the additional requirements necessary to address both civil and military aviation and aerospace needs. AS9100 provides additional requirements to all but one of the 20 elements of ISO 9001. (The exception is element 4.7, Control of Customer Supplied Product.) The major areas of emphasis that supplement the elements of ISO 9001 are: • Key product/process characteristics; • Design and development management planning; • Customer and regulatory requirements; • Verification and validation documentation and testing; • Documentation and data changes;
Guidelines for failure mode and effects analysis
22
• Supplier (the AS9100 organization) purchasing and subcontractor evaluation, data and product verification; • Product identification and traceability; • Process control documentation and process changes; • Qualification and control of special processes; • First article inspection; • Inclusion of all inspection, measuring and test equipment devices; • Nonconforming material review authority and disposition; • Flow down of corrective action to the appropriate subcontractor(s); • Flow down of requirements from the Quality Manual to work instructions for use on Internal Quality Audits; • Where servicing is a requirement, the procedure(s) will address specifics on data, technical documentation, repair schemes and controls; • In the event statistical techniques are required, some specific areas and techniques offered for consideration include the following: Design verification; Process control; Inspection; Quality management; Failure Mode and Effects Analysis.
CHAPTER 3 Industry Specific Standards for Failure Mode & Effects Analysis
Aerospace Industry SAE.ARP5580—Recommended Failure Modes and Effects Analysis (FMEA) Practices for Non-Automobile Applications This document provides guidance to perform Failure Mode and Effects Analysis for the non-automotive industry, utilizing the information published in MIL-Std 1629A and SAE recommended Practice J1739. It is intended for use by organizations whose product development processes use FMEA as a tool for assessing the safety and reliability of system elements. It provides an overview of the FMEA process with details on the overall enhanced methodology. It also introduces the following types of FMEA: • Functional FMEA • Interface FMEA • Detailed FMEA Different Types of FMEAs in APR 5580 Functional FMEA This type of Failure Mode and Effects Analysis is initiated during the conceptual or preliminary design phase. Functional FMEA is performed on the conceptual design to support the architectural definition and verify necessary design compensation and failure recovery requirements derived by the Functional Requirements Analysis. Functional FMEA can be performed on control systems, processes, software and complex devices whose functionality is more readily understood than the details of their operation. Functional FMEA focuses on the functions that an item, group of items or process performs rather than on the characteristics of the specific implementation.
Guidelines for failure mode and effects analysis
24
Interface FMEA This type of FMEA is initiated during the preliminary or detailed design phase. Similar to Functional FMEA, Interface FMEA is performed to verify compliance to design, safety and regulatory requirements. Unlike Functional FMEA, Interface FMEA is the process of determining and recording characteristics of failures in the interconnections between interfacing system elements. Interface FMEA is done to evaluate interconnections between hardware elements (i.e. wires, cables, fiber optic lines, etc.) and software elements. While conducting an Interface FMEA, failure modes specific to the interfaces are defined and their characteristics (effects and fault signatures) are determined. Detailed FMEA This type of analysis is initiated during the detailed design phase, but in some cases the functional analysis may be updated during the detailed design phase rather than doing a Detailed FMEA. Detailed FMEA is performed to verify that the design complies with requirements for failures that can cause loss of end item functions, single point failures, fault detection and fault isolation. In Hardware Detailed FMEA, the components comprise the physical system design. In Software Detailed FMEA, the components are from the source code. The characteristics of the failure of each and every component is determined and documented in this process. The Detailed FMEA is initiated as the design of each element matures and the detailed design schematics, part lists, and detailed software design documents and source code become available. FMEA Verification This process is initiated during the design verification and validation phase. Verification of FMEA ensures that adequate actions are taken to control, prevent and reduce the end effects of the identified potential failure modes. Documentation This document suggests that the documentation set should include the following: Description of the system or subsystem analyzed; Worksheets for the types of FMEA conducted; Summary of the analysis results. FMEA Applications Applications of FMEA can be categorized into Product Design Hardware and Software FMEA, and Process Design FMEA. Functional, Interface and Detailed analysis could be done for both product design hardware and software FMEA. The following guidelines are provided in SAE ARP 5580.
Industry specific standards for failure mode & effects analysis
25
Product Design Hardware FMEA Product design hardware FMEAs are applied to the physical design of the product, i.e., electrical, mechanical and hydraulic subsystems and the interfaces between those subsystems. Hardware Functional FMEA Hardware Functional FMEA is first applied early in the design cycle after the major system functional components and their interactions have been defined. Typical functional failure modes pertain to a particular function not being performed or being performed incorrectly. Failure effects associated with the different modes of operation should be evaluated and recorded. Hardware Functional FMEA is also used later in the design cycle for complex subsystems or components, such as integrated circuits and control systems, whose functionality is more readily described than the operation of individual components. Hardware Interface FMEA Hardware Interface FMEA is performed on the physical interfaces between major functional system elements, i.e., LRUs (Line Replaceable Units), which include mechanical linkages, hydraulic lines or electrical cabling. Typical failure modes include low pressure in hydraulic lines, improper grounding of an electric cable, etc. Hardware Detailed FMEA Hardware Detailed FMEA is the most common type of FMEA. This is done at the lowest piece/part level of design and generally involves individual system components. Standard lists of potential failure modes are available for many of the widely used components. Product Design Software FMEA Software includes programs, their related data elements, their execution as tasks that implement various system functions and also includes program interfaces with hardware and the interfaces between different programs or tasks. Software Functional FMEA Software Functional FMEA is applied to the Computer Software Configuration Item (CSCI) during top-level software design. Failure modes associated to the individual functions, which have been assigned to Computer Software Components and to individual modules, are developed and applied to the software design to determine the effect on the system performance and safety of incorrect performance of the software element. The primary outputs of the Software Functional FMEA are used to identify software architectural changes to reduce failure exposure. They are also used to identify
Guidelines for failure mode and effects analysis
26
requirements to ensure that incorrect software behavior can be detected and that appropriate system corrective actions are instituted. Software Interface FMEA Software Interface FMEA is similar to a Functional FMEA for software but focuses on the interfaces between disparate software and hardware elements. Failure modes specific to the message and/or data type being passed are postulated and the system level effects are identified. Software Detailed FMEA Software Detailed FMEA is generally done for systems that do not include robust hardware protection of memory elements, processing results and data transfers. The intent of the Detailed FMEA is to supplement the Functional and Interface FMEAs with a detailed assessment of the response of the as-developed software to plausible faults and failures. Both the Functional and Interface FMEAs will have to be updated at the time the Software Detailed FMEA is performed to reflect the ultimate software architecture. Process Design FMEA Process FMEA evaluates the failure modes associated with the manufacturing and assembly process deficiencies. Process FMEA assumes that the product as designed will meet the design intent provided the product is manufactured properly. Process FMEAs are conducted for new parts and processes, changed parts and processes, and new applications and environments for product manufacturing and assembly. SAE ARP 5580 also provides guidance on FMEA planning, functional requirement analysis, FMEA task analysis (including failure analysis, failure ratios, process capability indices and risk criteria), documentation and reporting requirements. The following table from SAE ARP5580 summarizes the application of various types of FMEA and related tasks during the design phase.
Table 3–1 FMEA Task
Value/Use
Defines the design Functional Requirements requirements for fault compensation, mitigation Analysis and monitoring provisions. Functional Failure Mode and Effects Analysis
Supports functional assessment of system architecture. Supports early verification of the conceptual baseline: • Completeness of fault compensation
Timing
Recommendations
Initiated during conceptual design phase.
Should always be performed.
Initiated during conceptual or preliminary design phase.
Should always be performed.
Industry specific standards for failure mode & effects analysis
27
requirements • Requirements for FD/FI provisions. Identifies critical functions for more detailed analysis. Interface Failure Mode and Effects Analysis
Supports system level assessment of downstream failure effects (e.g. cascading faults). Provides a system view to the response of the FD/FI provisions. Provides an assessment of the
Initiated during preliminary or detailed design phase.
Performed when analyzing a system or subsystem or when required by the system integrator.
FMEA Task
Value/Use
Timing
Recommendations
overall system architecture. Hardware Detailed Failure Mode and Effects Analysis
Provides a higher fidelity assessment for critical and safety related functions. Provides a detailed assessment of LRU and SRU failure conditions.
Initiated during detailed design phase.
Software Detailed Failure Mode and Effects Analysis
Provides evaluation of single variable or instruction failures in software.
Initiated in Should be limited to systems detailed software without hardware protection design phase. of memory, processing results or data transfers.
Latency Assessment
Accounts for multiple simultaneous failure modes.
Performed as part of each analysis type.
FMEA Verification
Verifies accuracy of analysis results. Validates analysis ground rules.
Initiated in Done in conjunction with verification and system verification testing, validation phase. especially when the analyst is uncertain of the failure consequences, or when required by contract or there is concern about ground rules.
Should be limited to safety or mission critical functions identified during the Functional Failure Mode and Effects Analysis.
Performed when there are safety concerns.
Guidelines for failure mode and effects analysis
28
Automotive Industry SAE.J1739—Potential Failure Mode and Effects Analysis in Design (Design FMEA), Potential Failure Modes and Effects Analysis in Manufacturing and Assembly Processes (Process FMEA), and Potential Failure Mode and Effects Analysis for Machinery (Machinery FMEA) This document provides guidance in the application of Failure Mode and Effects Analysis. It’s a recommended practice that gives the freedom to each team to use it in the most effective way for a given situation. The document states the following three basic cases for which FMEAs are generated, each with a different scope: Case
Scope
New design, technology or process
Focus on complete design, technology or process
Modifications to existing design or process (assumes there is a FMEA for the existing design or process)
Focus on modification to design or process, possible interactions due to the modification, and field history
Use of existing design or process in a new Focus on the impact of the new environment, location or application (assumes there is environment or location on the existing a FMEA for the existing design or process) design or process
Guidelines for the following three types of FMEAs are provided in this document: • Design FMEA (D-FMEA)—Design FMEA evaluates the initial design for manufacturing, assembly, service and recycling requirements, including functional requirements and design alternatives. Design FMEA should be initiated before or at design concept finalization and be continually updated as changes occur or additional information is obtained throughout the phases of product development. Design FMEA should be completed before the production drawings are released for tooling. Suggested criteria for the evaluation of severity, occurrence and detection for DFMEA are provided in Tables 1, 2 and 3 of SAE J1739. • Process FMEA (P-FMEA)—Process FMEA is utilized to accomplish the following: • Identify the process functions and requirements; • Identify potential product- and process-related failure modes; • Assess the potential customer effects of the failures; • Identify the potential manufacturing/assembly process causes and identify process variables on which to focus controls for occurrence reduction or detection of the failure conditions; • Identify process variables on which to focus process controls; • Develop a ranked list of potential failure modes, thus establishing a priority system for preventive/corrective action considerations;
Industry specific standards for failure mode & effects analysis
29
• Document the results of the manufacturing/assembly process. Process FMEA should be initiated before or at the feasibility stage and prior to tooling for production. It should take into account all manufacturing operations from individual components to assemblies. Suggested criteria for the evaluation of severity, occurrence and detection for PFMEA are provided in Tables 4, 5 and 6 of SAE J1739. • Machinery FMEA (M-FMEA)—The Machinery FMEA supports the design process in reducing the risk of failures by: • Aiding in the objective evaluation of equipment functions, design requirements and design alternatives; • Increasing the probability that potential failure modes and their effects on the machinery have been considered in the design and development process; • Providing additional information to aid in the planning of thorough and efficient design, validation and development programs; • Developing a ranked list of potential failure modes ranked according to their effect on the “customer,” thus establishing a priority system for design improvements, development and validation testing analysis. Machinery FMEA should be initiated during design concept development and should be continually updated as changes occur or additional information is obtained throughout the phases of machinery development. The analysis should be completed before engineering release for construction. Suggested criteria for the evaluation of severity, occurrence and detection for Machinery FMEA are provided in Tables 7, 8 and 9 of SAE J1739.
CHAPTER 4 Risk Management Planning
Risk Management The focus of risk management is to identify the hazards associated with functional units and their accessories, estimate and evaluate the risks, control these risks and monitor the effectiveness of the control. The foundation of effective risk management is a clear commitment from corporate management. There are three key commitments that must be made in order to build the necessary infrastructure for a cost-effective risk management program: • Organize and maintain the knowledge and information on the design, development and manufacturing of the product and ensure this data is up-to-date and accurate. This process is essential as the quality of the risk management program depends directly on this information. • Provide knowledgeable and competent personnel throughout the organization to manage the risk management process and to participate in risk assessment and other work activities. • Create a system that not only documents and maintains risk management files, but also records management’s response to these studies and enforces an audit system to ensure that all approved risk reduction actions are implemented in a timely manner. The risk management process in general includes the following elements: • Risk Management Plan; • Risk Assessment—covering both Risk Analysis and Risk Evaluation; • Risk Control; • Post-Production Information. Risk Management Plan Management must clearly define the objectives and scope of the project, which are dependent on a number of factors: • The part of the product/process/system on which the project focuses; • The phase of the product’s life cycle in which the project takes place; • The amount of information available.
Risk management planning
31
Responsibility and resources should be allocated to ensure that no responsibility is omitted. Decisions concerning risk acceptability may be based on operational, technical, financial, legal, social, humanitarian or other criteria. The decisions can be justified by doing the following: • Using product-specific standards. If standards are properly implemented and the product is tested, an acceptable level of risk should result. • Comparing with levels of risk evident from other similar products/systems on the market, which should consider similarities and differences in: ○ Functionality/intended use; ○ Hazards; ○ Risk; ○ Safety features; ○ Historical data; • Following appropriate guidance documents. Risk Assessment (Risk Analysis & Risk Evaluation) Risk analysis addresses three specific questions: • What can go wrong? • How likely is it? • What are the impacts? In order to answer the above questions, it is essential to understand the intended use or purpose of the product, including any foreseeable misuse, and to identify the product characteristics that could impact on safety. The next step is to identify hazards associated with the product and determine the related causes and consequences, and ultimately estimate the risk. Some potential hazards (if applicable) that should be evaluated include these factors: • Toxicity, flammability and reactivity of raw materials and wastes; • Sensitivity to environmental factors such as temperature and humidity; • Mechanical or electronic hazards; • Human factors associated with the operator-equipment interface. The risk analysis is not restricted to only the design of the product but should also be done for the manufacturing process (e.g. assembly process, packaging) and the process of delivering the product to its intended location. For products that involve materials that are sensitive to the environment (e.g., heat, humidity, cold or light), storage and transportation methods need to be reviewed. If problems are identified, appropriate changes should be made in packaging or warnings on storage or packaging containers. The software used in the functioning of a product to control or monitor systems also needs to be reviewed. The consequences of software errors can be unpredictable, particularly those that involve data corruption or false alarms. In such cases, the product should have a means of detecting software errors or the consequences. For example,
Guidelines for failure mode and effects analysis
32
consider installing separate redundant alarms or interlocks on critical aspects of the system/product. Depending on the complexity of the system/product, one or a combination of risk analysis techniques can be used to identify hazards. Some common techniques include Failure Mode and Effects Analysis (FMEA), Hazard and Operability Analysis (HAZOP) and Fault Tree Analysis (FTA). The FMEA methodology and its application throughout the entire life cycle of the system/product are addressed later in this manual. The other two techniques are described in the next chapter. Once the risk estimation for all hazards is completed, the acceptability of risk is determined based on the company’s risk-acceptability criteria (based on what was established in the risk management plan) and, if it is too high, the risk needs to be mitigated. Risk Control Risk reduction should focus on reducing the hazard severity, the probability of occurrence, or both. The following are examples of risk control: • Inherent safety by design; • Use of consensus standards; • Protective design measures (e.g. incorporating alarms and interlocks into the design to mitigate risks that cannot be eliminated); • Protective manufacturing measures, with improved process or test capabilities; • Safety information (labeling, instructions for use, training, etc.). The technical and economic practicality of implementing the options should be evaluated. Once the risk reduction decisions are made, the associated risk reduction actions should be implemented and monitored throughout the product’s life cycle. Post-Production Information Throughout the product’s lifetime, new information obtained during postmarketing vigilance regarding a new hazard or risk must be assessed and recorded in the risk management file. Hence, risk analysis and management is an ongoing process throughout a product’s lifetime and it is the continuous responsibility of the manufacturer to ensure the product/system safety.
Risk management should start at the early design stage to establish the highest level of inherent safety. This can significantly offset the cost of implementing risk-mitigating measures.
CHAPTER 5 Risk Analysis Methodologies
This chapter gives an overview of Hazard and Operability Analysis (HAZOP) and Fault Tree Analysis (FTA), which are risk analysis techniques commonly used in the industry as alternatives to Failure Mode and Effects Analysis (FMEA). Hazard and Operability Analysis (HAZOP) This technique was originally developed for use in the chemical process industry for identifying hazards and operability problems. HAZOP is a highly structured bottom-up methodology. It uses the combination of design parameter and guide word to help identify deviation from design intent. The following are examples of guide words and design parameters: Guide Words • More or High or Higher or Greater (words that imply an excess), when compared to the design intent; • No, None, Less or Low or Lower or Reduced (words that imply insufficiency), when compared to the design intent; • Part of or Not all of or Partially (words that imply incompleteness), when compared to the design intent. Design Parameters Applicable parameters typically include: • Pressure; • Temperature; • Flow; • Composition; • Level; • Reaction Rate; • Viscosity; • pH.
Guidelines for failure mode and effects analysis
34
Applicable operations typically include: • Filling; • Transferring; • Purging; • Emptying; • Draining; • Venting; • Maintenance; • Start-up; • Shut-down. Deviations
For example: ■
■
■
When Property=Parameter: High
+
Flow
=
High Flow
Low
+
Pressure
=
Low Pressure
More
+
Reaction
=
Greater Reactivity
When Property=Operation: No
+
Transfer
=
No Transfer
Less
+
Empty
=
Residue Remaining
When Property=Material: No
+
Steam
=
No Steam
More
+
Diluent
=
More Diluent
Fault Tree Analysis (FTA) Fault Tree Analysis is a top-down methodology. The analysis starts with the undesired consequence or top event and identifies the various combinations of faulty and normal possible events occurring in the system. This procedure deduces the root cause(s) of the top event. The events and logical relationships between events are represented graphically in a tree structure using both logic and event symbols, as shown in Tables 5–1 and 5–2, respectively. An example of a fault tree is shown in Figure 5–1. FTA can be used to identify multiple failure conditions where two or more events must occur for the top-level event to occur. If estimates of failure rates are available for individual events, the probability of the top event can be predicted.
Risk analysis methodologies
35
Table 5–1: Logic Gate Symbols Gate Symbol
Gate Name AND
OR
Causal Relation Output event occurs if all input events occur simultaneously
Output event occurs if any one of the input events occurs
Table 5–2: Event Symbols Event Symbol
Event Name CIRCLE
DIAMOND
RECTANGLE
TRIANGLE
Meaning Basic event with sufficient data
Undeveloped event
Event represented by a gate
Transfer symbol
Guidelines for failure mode and effects analysis
36
Figure 5–1: Fault Tree Analysis Example
CHAPTER 6
Overview of FMEA
This chapter is an introduction to Failure Mode and Effects Analysis (FMEA). It outlines the objectives of FMEA, reasons and benefits of performing FMEA and the limitations of the technique. Overview The need for continuous improvement of product quality, reliability and safety arises from product recalls (see Table 6–1), government regulatory requirements, agency recommendations, legal implications and above all a company’s desire to improve its market position and customer satisfaction. These issues require product manufacturers to perform risk analyses that identify and minimize part/system failures throughout the product’s life cycle. The FMEA methodology is one of the risk analysis techniques recommended by international standards. It is a systematic process to identify potential failures to fulfill the intended function, to identify possible failure causes so the causes can be eliminated, and to locate the failure impacts so the impacts can be reduced. The process of FMEA has three main focuses: ▪ The recognition and evaluation of potential failures and their effects; ▪ The identification and prioritization of actions that could eliminate the potential failures, reduce their chances of occurring or reduce their risks; ▪ The documentation of these identification, evaluation and corrective activities so that product quality improves over time. FMEA is primarily adapted for material and equipment failures, but in a broad sense, human error, performance and software errors can also be included. By applying the FMEA methodology during the various phases of a product’s life cycle, the methodology provides a systematic and disciplined strategy for examining all the ways in which a product can fail. The results of FMEA in turn affect the product design, process development, sourcing and suppliers’ quality, downstream (referring to downstream of a process or user of the product) application, and field service. The following are some of the benefits of conducting a FMEA study: ▪ Ensures that the potential failures and their effects on the system have been identified and evaluated, consequently helping to identify errors and define corrective actions; ▪ Provides a means for reviewing product and process design; ▪ Helps to identify critical characteristics of the products and processes;
Guidelines for failure mode and effects analysis
38
▪ Improves productivity, quality, safety and cost efficiency; ▪ Helps to determine the need for selecting alternative materials, parts, devices, components and tasks; ▪ Assists in documenting the reasons for changes; ▪ Provides a means of communication between different departments; ▪ Helps increase customer satisfaction; ▪ Improves a company’s image and competitiveness.
Table 6–1: List of Product Recalls Model/Type of Product
Quantity Recalled
Problem
Failure Effect
2001 Nissan Sentra
130,000 passenger cars
One or more of the attachment bolts for the front-suspension, lower control arms may break.
Unusual noise or vibration felt through the steering wheel when hitting bumps.
2000 and 2001 Chrysler Neon
515,000 from USA, Canada, Mexico and foreign markets
Brake booster vacuum hose Harder for drivers to may loosen. stop the vehicle. Greater pedal pressure may be required to stop the vehicle.
1997-2000 Chevrolet Venture, Pontiac Trans Sport/Montana and Oldsmobile Silhouette
54,700 minivans
Passenger side power Door could open sliding doors may close but while the car is in not latch. motion.
Automotive
Pontiac Grand Am, Buick 778,000 cars Skylark and Oldsmobile Achieva
High current flows and heat in the ignition switch when key held in the start position for an extended period of time.
Fires could occur in the steering system. Reports of three injuries from electrical fires.
GM light trucks and sports utilities
Brake pedal will be lower than normal and stopping distances will be longer.
Crash could occur when stopping distance is smaller.
Model/Type of Product
1.38 million vehicles
Quantity Recalled
Problem
Failure Effect
Take 2, Travel Solutions, Pioneer, Travelite, Pro Sport 4in-1 strollers
650,000 strollers
Strollers can unexpectedly collapse or the car seat/carrier adapter can unexpectedly detach.
Infants can suffer serious injuries. 681 incidents including 250 injuries reported.
Star Cruiser and Rock Rider swings (backyard gym sets)
190,000 sets
Screws that hold the swing together can fall out, causing the seat to fall to
291 incidents of seats separating and 19 injuries reported.
Home Products
Overview of FMEA
39
the ground. Ariens Scotts and Husqvarna walk-behind lawnmowers
40,000 lawnmowers
Piece attaching the blade to Possible injury to the the mower can crack and operator or bystander. break off.
Zep commercial cleaner 1.4 million 32 oz. bottles
Leaking occurs through the Cleaner causes irritation cap when bottles are turned and burns to the skin and on their side. eyes. 10 bottle leaks and three injuries reported.
AquaStar natural gas water heaters
320 units
Produces dangerous levels of carbon monoxide in exhaust gas.
Model/Type of Product
Quantity Recalled Problem
Serious injuries and death possible.
Failure Effect
Children’s Toys and Consumer Goods Princess Ariel costumes 54,000 costumes
Fabric ignites easily.
A burn injury to a four-year-old girl and one case of ignition reported.
Accessory to a video game—baseball bats
140,000 baseball video games to replace the bats
Bats can separate during swinging.
A split lip, facial lacerations, a bump on the head and bruising reported.
Nike Trunner LX and Jordan Trunner 2000 cross trainers
225,000 pairs
Thin metal strip on the outside of the heel can protrude from the shoe.
Forms a sharp edge that can cut. 16 reports of cuts to the lower legs. Some stitches to close.
Overpressure valve can stick in the open position.
Risk of drowning to divers.
Lubricant residue may cause the shells to come loose and may prevent implant from bonding with the bone, causing the shells to loosen.
129 cases of loosening reported. All presented symptoms of aseptic loosening within six months of implantation.
Scuba buoyancy 10,000 units compensator devices (BCDs) by Sheico PKS Inc. Medical Devices and Pharmaceuticals Inter-Op shells by Sulzer Orthopedics
Approximately 17,500 patients worldwide have received the recalled Inter-Op shells.
Migraine drug Sandomigran DS (pizotifen, double strength) by Novartis Pharmaceuticals Canada
941 large bottles sent Muscle relaxant tablets out to pharmacists were found in some still need to be bottles. located
These foreign tablets could lead to drops in blood pressure.
Guidelines for failure mode and effects analysis
Model/Type of Product
Quantity Recalled
Problem
40
Failure Effect
Consumer Electronics Electric drills
58,000 units Switches on these power tools can stick.
Drills can continue to operate after the trigger is released. Risk of injury to user.
Nightlights by Dura Kleen Inc.
459,000 nightlights
Electrical connections are loose; made of flammable plastic, and power switch does not work.
Poses shock and fire hazards to consumers.
Black & Decker miter saws
118,400 units
Bolts can loosen.
Risk of lacerations to the user.
Can overcharge and become very hot.
Possible smoke and fire.
Batteries in Dell 284,000 Inspiron 5000 and 5000e batteries notebook computers
Limitations of FMEA Using Failure Mode and Effects Analysis can potentially be disadvantageous for the following reasons: ▪ Analysis of complex systems that have multiple functions consisting of a number of components can be tedious and difficult; ▪ Compound failure effects cannot be analyzed; ▪ Incorporating all possible factors influencing the product/process, such as human errors and environmental impacts, can make the analysis lengthy and require a thorough knowledge of the characteristics and performance of the different components of the system; ▪ Successful completion requires expertise, experience and good team skills; ▪ Dealing with data redundancies can be difficult; ▪ Can be costly and time consuming.
CHAPTER 7
FMEA Procedures
This chapter describes the basic terminology and process used in FMEA. In addition, the procedures for setting up, conducting and following up FMEA are described. Introduction Similar to a HAZOP, the FMEA is a bottom-up approach starting with components and using a single-point failure approach to progressively work up to the top level. During the FMEA study, risk is estimated by rating the severity of failure effects, the likelihood of causes, and the likelihood of detecting the cause of a failure or the failure mode. Table 7– 1 shows a sample FMEA worksheet for documenting the results of the analysis. The terminology used on the worksheet and the FMEA procedures are described below. FMEA Terminology Item Function Item function specifies the function of the part or item under review. Potential Failure Mode A potential failure mode is the manner in which a failure can occur i.e. the ways in which the reviewed item can fail to perform its intended design function, or perform the function but fail to meet the objective. The potential failure mode may also be the cause of another potential failure mode in a higher-level subsystem or system, or be the effect of one in a lower-level component. Typical potential failure modes include the following: ▪ Fail to open/close; ▪ Brittle; ▪ Cracked; ▪ Warped; ▪ Underfilled; ▪ Undersized/Oversized.
Guidelines for failure mode and effects analysis
42
Potential Failure Causes Potential failure causes identify the root cause of the potential failure mode, not the symptoms, and provide an indication of a design weakness that leads to the failure mode. The prompt identification of the root cause is important for the implementation of preventive or corrective measures. Failure causes often include these types of problems: ▪ Overstressing; ▪ Incorrect material specified; ▪ Improper wall thickness; ▪ Improper tolerance. Potential Failure Effects Potential failure effects refer to the potential outcome of the failure on the system, design, process or service. The potential failure effects need to be analyzed based on the local and global impacts. A local effect is an outcome with only an isolated impact that does not affect other functions. A global effect, on the other hand, affects other functions/components and has a domino effect on the system. For a design, three types of potential failure effects need to be considered: ▪ The effect on the end user of the product (end effect); ▪ The effect on the local/reviewed area (local effect); ▪ The effect on aspects situated between the above two (next high level effect). For a manufacturing process, two types of potential failure effects need to be considered: ▪ The effect on the product; ▪ The effect on local and downstream processes. The severity of a particular failure is determined based on the failure effect. The more serious the effect is, the higher the severity. Potential failure effects might include these examples: ▪ Erratic operation; ▪ Failure to operate; ▪ Noise; ▪ Loss of life. Current Controls Current controls are the safeguarding measures in place at the time of review that are intended to do the following: ▪ Eliminate causes of failure; ▪ Identify or detect failure; ▪ Reduce impacts/consequences of failure. This list includes common examples of current controls:
FMEA procedures
43
▪ Statistical Process Control (SPC) analysis; ▪ Product capability studies; ▪ Function tests; ▪ Gauge repeatability and reproducibility (R&R) studies; ▪ Durability tests; ▪ Design reviews and design guidelines; ▪ Operator training. Severity (S) Severity is the seriousness of the effects of the failure. Severity is an assessment of the failure effects on the end user, local area and in-between (next higher) areas. The severity rating applies only to the effects. The severity can be reduced only through a change in the design. If such a design change is attainable, the failure can possibly be eliminated. Occurrence (O) Occurrence is the frequency of the failure—that is, how often the failure can be expected to take place. Detection (D) Detection is the ability to identify the failure before it reaches the end user/customer. Risk Priority Number (RPN) An RPN is a measurement of relative risk. It is calculated by multiplying together the severity, occurrence and detection ratings. The RPN is determined before implementing recommended corrective actions, and it is used to prioritize the actions. The value, by itself, does not have any other significance.
Recommended Corrective Action The recommended corrective action is intended to reduce the RPN by reducing the severity, occurrence or detection ranking, or all three together. Corrective Actions Taken It is a brief description of the actual actions taken, after identifying recommended corrective actions.
Guidelines for failure mode and effects analysis
44
Resulting Severity After a corrective action has been chosen/identified, “estimate” and record the resulting severity rating. Resulting Occurrence After a corrective action has been chosen/identified, “estimate” and record the resulting occurrence rating. Resulting Detection After a corrective action has been chosen/identified, “estimate” and record the resulting detection rating. Resulting RPN The resulting RPN is determined based on the resulting severity, occurrence and detection. Critical Characteristics Critical characteristics are characteristics that can affect compliance with government regulations or product safety. Critical characteristics are defined by: ▪ The courts—through product liability; ▪ Regulatory agencies—through formal laws and/or regulations; ▪ Industrial standards—through generally accepted practices in the industry; ▪ Customer requisitions—through their wants, needs and expectations; ▪ Internal engineering requirements—through historical data, or leading edge technology, or experiences with products or services. Such characteristics require specific producer, assembly, shipping or monitoring actions and inclusion on Control Plans. Examples of critical characteristics include part or process requirements, such as dimensions, specifications, tests, processes, assembly sequences, tooling, torque, welds, attachments and component usages. Significant Characteristics Significant characteristics are characteristics of products, processes and tests where a reduction in variation within a specified tolerance around a proper target will improve customer satisfaction. Significant characteristics must be supported with Control Plans.
FMEA procedures
45
Control Items Control items are parts that can affect either compliance with government regulations or safe product/process operation. They are identified by the customer’s product engineering on drawings and specifications with a specific and unique symbol. FMEA Steps During an FMEA study, the product/process/service/system being reviewed is broken down into smaller items/subsystems. For each item, the following steps are performed: 1. Define the item being analyzed. 2. Define the functions of the item being analyzed. 3. Identify all potential failure modes for the item. 4. Determine the causes of each potential failure mode. 5. Identify the effects of each potential failure mode without consideration of current control. 6. Identify and list the current controls for each potential failure mode. 7. Determine the most appropriate corrective/preventive actions and recommendations based on the analysis of risk. After going through all the items for each failure, assign a rating (from 1 to 10, low to high) for severity, occurrence and detection. Determine the RPN and use it to prioritize the recommendations. The severity rating should be based on the worst effect of the potential failure mode. When the severity is very high (8 to 10), special attention must be given to ensure that the risk is addressed through existing design controls or corrective/preventive actions, regardless of the RPN. If there are no recommended actions for a specific potential failure mode, failure cause or existing control, enter “None”. If this is a follow-up of an existing FMEA, note any action taken to eliminate or reduce the risk of failure modes. Determine the resulting RPN as the risk of the potential failure modes are reduced or eliminated. Once corrective action has been taken, the resulting RPN is determined by reevaluating the severity, occurrence and detection ratings. Improvement and corrective action must continue until the resulting RPN is at an acceptable level for all potential failure modes.
Guidelines for failure mode and effects analysis
46
Table 7–1: Sample FMEA worksheet Item Item Fail Ca Critical/ Fail Initial Action Curr Recom Corre Fun ure uses Control/ ure Conditions Results ent mended ctive ction Mo Signi Ef Con Corre Action S O D RPN S O D RPN des ficant fects trols ctive Taken item Action
Preliminary Consideration of FMEA It is important that the scope of the FMEA study is clearly defined. This allows the FMEA team to suggest and implement improvements freely within the defined boundaries. The following is a list of questions that help to define the boundaries of the study: ▪ What aspects of the FMEA is the team responsible for? e.g. FMEA analysis, recommendations for improvement, implementation of improvements. ▪ What is the budget for the FMEA? ▪ Does the project have a deadline? ▪ What is the scope of the FMEA?
FMEA procedures
47
When it comes to planning the meeting, the following is a suggested list of considerations: ▪ People—People involved in all meetings may differ in values, attitudes, experiences, gender, age and education. All these differences must be accounted for in the planning of the meeting. ▪ Purpose—As mentioned before, the scope of the study—the purpose, objective and the goal—must be understood by all, both management and participants. ▪ Atmosphere or climate—The atmosphere contributes to the effectiveness of the meeting. It is imperative that whoever plans the meeting takes into consideration the climate and atmosphere. ▪ Place and space—All meetings are held in a place and a space. Therefore, planners must consider the following: ○ Access to the space, available parking; ○ Size of the space; ○ Acoustics, lighting, temperature control; ○ Cost; ○ Equipment requirements. ▪ Costs—The FMEA budget should take into consideration the required preparation time, as it can be lengthy. The required preparation work is discussed further in the next section. As the system, design, process or service personnel assigned to do the FMEA may be in different places, one should consider the travel expenses of participants. ▪ Time dimensions—When estimating the time required for conducting the FMEA, one should consider the conditions, objectives and complexity of the project. The time constraints should be fully evaluated. If the meeting is going to be prolonged, the agenda items and objects should be adjusted accordingly. ▪ Prework and “after the official meeting work”—The quality of the FMEA study depends on good preparation work, which is discussed further in the next section. ▪ Plans, program and agenda—All meetings have an agenda, for without an agenda, there cannot be a meeting. A detailed planned program or agenda, which can be shared (no surprises) by all participants, is a valuable addition to a meeting. When planning the agenda, make sure all the objectives of the meeting are covered. ▪ Follow-up—After the meetings have ended, there is a need for some follow-up in these areas: ○ Implementing action items; ○ Communicating information to all appropriate personnel; ○ Publishing the documented study and writing the report.
Preparation Before FMEA Sessions Before conducting a FMEA, preparation work should be done to ensure that the FMEA study is carried out smoothly. The following are the recommended procedures for doing so:
Guidelines for failure mode and effects analysis
48
1. Define scope After considering the questions outlined in the previous section, the study scope should be defined and documented. This would help prevent the FMEA team from focusing on the wrong aspect of the product, process or service during the FMEA. It would also assist the process of data collection (next step). 2. Collect data On the basis of the scope defined in step 1, assemble as much information as possible. The following are some examples: ▪ Product prototype; ▪ Design specification; ▪ Design drawings; ▪ Process flow diagram; ▪ Operating manual; ▪ Maintenance log. 3. Break down the system During the process of breaking down the product/process/service into smaller items, consider the following: ▪ If items are too small, you can lose your sense of analysis and incur excessive repetition; ▪ If items are too large, they can become confusing and hard to handle. The best way to size an item is based on item function. 4. Prepare list of potential failure modes The list of potential failure modes prepared at this stage acts as a starting point for the FMEA section. It is not intended to replace the effort of identifying the potential failure modes during the FMEA section. The list can be established based on this information: ▪ Failure history of products with similar design; ▪ Product recalls; ▪ Failure records of the product/process/system; ▪ Review of the product/process/system. 5. Assemble FMEA team A FMEA study requires efforts of experts from different areas. It cannot be done on an individual basis. Hence, the team should be cross-functional and multi-disciplined. It is important to ensure that the appropriate individuals are going to participate.
FMEA procedures
49
6. Choose the right tool for transcribing FMEA Choosing the right tool for transcribing the FMEA ensures efficiency of conducting the analysis. There are three different methods (non-computer and computer based): ▪ Manual transcription; ▪ Spreadsheet-type software; ▪ Risk analysis software (Windows based). Table 7–2 compares the features of the above methods. Each feature is ranked from 10 to 1, with 10 being the best performance. It is concluded that using risk analysis software is the best and most efficient method.
Table 7–2: Comparison of features of different methods of transcribing risk analysis Feature
Manual Transcription
Spreadsheets
Risk analysis software (Windows based)
None (10)
Little (7)
Some (4)
Maximum (10)
Good (7)
Good (7)
Poor (1)
Fair (4)
Very Good (10)
Very Good (10)
Good (7)
Very Good (10)
None (1)
Some (4)
Very Good (10)
Team Participation
No (1)
Some (4)
Very Good (10)
Quality Assurance
None (1)
Little (4)
Very Good (10)
Assists Auditing of FMEA
No (1)
Little (4)
Very Good (10)
Good Documentation
No (1)
Fair (4)
Very Good (10)
“Power” Features
None (1)
Some (4)
Very Good (10)
Overall Assessment
Poor (37)
Fair (49)
Very Good (91)
Learning Curve Required User Friendliness Productivity Customization Features Copying Capabilities
Guidelines for failure mode and effects analysis
50
Conducting FMEA Sessions The FMEA team is led by the team leader or the facilitator. The team leader/facilitator provides assistance and guidance to the team to ensure that the FMEA session is conducted effectively on a timely basis. A typical FMEA session would follow the steps outlined below: 1. Facilitator or team leader explains The facilitator or one of the team members explains the purpose and scope of the FMEA and sets the rules for the study. 2. Review the system being studied The system is reviewed to ensure everyone on the FMEA team has the same understanding of the system. 3. Perform the analysis The FMEA process described earlier is applied to the product/process/system. When FMEA is performed on commodity items, it would be efficient to perform group FMEAs on similar or identical items and then address the out-of-the-ordinary conditions as separate items. 4. Review FMEA At the end of the FMEA, the team should ensure that the function, purpose and objective have been met. Some helpful hints include the following questions: • Is the problem identification specific? • Was a root cause, effect or symptom identified? • Is the corrective action measurable? • Is the corrective action proactive? • Is the use of terminology current and consistent?
Follow-Up of FMEA ▪ The facilitator/team leader would issue a preliminary FMEA report including the following: ○ Attendance; ○ Study Outline; ○ Detail Report; ○ Action Register.
FMEA procedures
51
▪ The FMEA is a living document and should always reflect the latest level of the system being analyzed, as well as the latest relevant actions, including those occurring after the start of production. ▪ The distribution is a controlled document and should be treated as such. ▪ Each recommendation must be assigned to the appropriate personnel to ensure it has been implemented or adequately addressed. ▪ A person should be assigned to oversee the progress of implementing all recommendations and to ensure all actions are carried out properly.
CHAPTER 8 FMEA Team
This chapter describes the responsibilities of FMEA team members and the facilitator/ team leader. Introduction Failure Mode and Effects Analysis (FMEA) is a team function and cannot be done on an individual basis. The makeup of the FMEA team is cross-functional and multi-disciplined for each study. The knowledge that is required for a specific problem is often unique to that problem and may require personnel from other specialized departments as well. Team Size ▪ The best size for the team is usually four to six people; ▪ The minimum number of people can be dictated by the number of areas that are affected by the FMEA; ▪ When appropriate, consider offering team membership to the customer, whether internal or external to the organization.
Team Membership The responsibilities of team members are as follows: ▪ Participate; ▪ Contribute knowledge and experience; ▪ Be open-minded for discussion, negotiation and compromise; ▪ Share adequate information with colleagues.
Team Leader (Facilitator) The team leader is responsible for coordinating the FMEA process:
FMEA team
53
▪ Setting up and facilitating meetings; ▪ Ensuring that the team has the necessary resources available; ▪ Making sure the team is progressing toward the completion of the FMEA. The team leader should not dominate the team and does not normally have the final word on team decisions. The team leader’s role is more like that of a facilitator than a decisionmaker. Arrangements should be made for a scribe to be responsible for documenting the study during the FMEA sessions. The scribe’s role is often rotated among all team members, except the team leader. This spreads the burden equally among all participants.
CHAPTER 9 Common Tools Used with FMEA
This chapter gives an overview of tools commonly used with FMEA, including process flowcharts, block diagrams and Pareto charts. Process Mapping/Process Flowcharts The concept of process mapping is to capture knowledge and sequence of flow of operations about processes and then represent that knowledge using boxes and arrows. Process mapping provides a clear picture of the process and allows easy identification of the main sequence of activities, and it clarifies critical connections across individual operations and departments. Table 9–1 shows some commonly used symbols in process mapping. An example process map is given in Figure 9–1.
Table 9–1: Common Symbols Used in Process Mapping Symbol
Meaning Decision Control/Inspection Operation Movement/Transfer
Symbol
Meaning Delay
Examples • Is the part to customer spec? • Is the supplier the correct one? • Inspect part. • Is it the correct quality/quantity? • An action or process. • Is it manual or automatic? • Material handling. • Movement of people. • Data transfer.
Examples • Down time or setup time. • Items in queue. • Waiting for additional information.
Common tools used with FMEA
Storage/Inventory Reject
55
• Inventory materials, finished products. • Items rejected. • What happens to rejected part and subsequent parts?
Here are just a few of the typical symbols used in process mapping. By using symbols and words, a picture of a company’s manufacturing process can be drawn.
Figure 9–1: Sample Process Map for Order Entry
Guidelines for failure mode and effects analysis
56
Block Diagrams/Functional Flow Diagrams Block diagrams illustrate the operation, interrelationships and interdependencies of the functions of a system, which are required to show the sequence and the series dependence or independence of functions and operations. Block diagrams may be constructed in conjunction with, or after, defining the system and shall present the system breakdown of its major functions. More than one block diagram is sometimes required to represent alternative modes of operation, depending upon the definition established for the system. Two types of block diagrams are used in FMEA: ▪ Functional block diagrams—Functional block diagrams illustrate the operation and interrelationships between functional entities of a system as defined in engineering data and schematics. An example is given in Figure 9–2. ▪ Reliability block diagrams—This type is useful for identifying the series dependence or independence of major components, subsystems or detail parts in achieving required functions. An example is given in Figure 9–3.
Figure 9–2: Functional Block Diagram
Common tools used with FMEA
57
Figure 9–3: Reliability Block Diagram Pareto Charts The Pareto Chart combines a bar graph with a cumulative line graph. The bars are placed from left to right in descending order. The cumulative line graph shows the percent contribution of all preceding bars. The Pareto Chart shows where effort can be focused for maximum benefit. It may take two or more Pareto Charts to focus the problem to a level that can be successfully analyzed. In FMEA, Pareto Charts are usually used for the following: ▪ Comparison of RPNs between different failure modes of the item analyzed and identification of high RPN failure modes. ▪ Comparison of total RPNs between items and identification of high RPN items. The total RPN of each item is the summation of RPNs of all failure modes of the item. In either case, the team must set a cut-off RPN, where any failure modes or items with an RPN above that point require further attention. An example Pareto Chart for comparison of RPNs between different failure modes is given in Figure 9–4.
Guidelines for failure mode and effects analysis
Figure 9–4: Pareto Chart for comparison of RPNs between different failure modes
58
CHAPTER 10 Pitfalls with FMEA
This chapter describes some major pitfalls that can arise while conducting FMEA studies. Prepare FMEA Team Inadequate preparation may: ▪ Slow down the team; ▪ Result in excessive study times.
Do Not Assume Everyone Understands FMEA Prepare the team. This objective can be achieved through the services of risk management consultants. Choose Team Members Carefully The wrong team players can negatively impact the FMEA. See Chapters 12 to 16 for a suggested list of team members for different types of FMEA. Avoid Getting Sidetracked ▪ Avoid getting off topic; ▪ Avoid “hobby horses;” ▪ Avoid redesigning during the FMEA. Identify Action Items for further study.
Do Not Run Excessively Long Sessions FMEA sessions should not exceed six to seven hours since the team will become very exhausted and will be ineffective.
Guidelines for failure mode and effects analysis
60
Use the Right Type of FMEA Methodology Selecting the right type of FMEA methodology depends on which stage the product cycle is at. For example, during the preliminary design stage, Product/Design FMEA should be used to review the design of the product, while Process FMEA should be used in the process planning stage. Address Group Participation ▪ Avoid team sessions being dominated totally by one or two people; ▪ Ensure everyone is encouraged to input by using “round table” techniques and sharing the responsibility of the FMEA.
List Action Items Effectively ▪ Record the Action Item so that it can be acted upon by the responsible person designated to execute it. Avoid indecisive instructions such as “Consider studying…” ▪ Do not propose Actions that are just “wish lists.” Excessive numbers of Actions tend to devalue their worth. Be critical, but not over or under zealous.
CHAPTER 11 Product Life Cycle & FMEA
This chapter outlines the application of FMEA at various stages in a product’s life cycle. It also introduces the use of Control Plans as a tool to document the design and process characteristics for the manufacturing of a product. Introduction During the process of design, development and manufacture, the following issues affect the reliability (safety, durability and robustness) of components: • Design of process and product; • Verification of product design; • Quality of parts purchased from suppliers; • Validation of processes for production; • Amount of process variation; • Clarity of the device instruction. Applying FMEA at different stages in the product’s life cycle helps in the identification of not only design and manufacturing defects but also the product and process characteristics that need to be controlled, monitored and tested. Such information, together with the methods of monitoring and testing, are documented in the Control Plan. A Control Plan is a written summary of the producer’s quality planning actions for a specific process, product and/or service. The Control Plan lists all process parameters and design characteristics considered important to customer satisfaction and which require specific quality planning actions. It also describes the actions and reactions required to ensure that the process is maintained in a state of statistical control, as agreed upon between the design team, customer and supplier. It supports verification and validation of the product and the process. It also helps minimize process variation. Figure 11–1 is an illustration of how various types of FMEAs and Control Plans can be integrated into the product’s life cycle. The various types of FMEAs in Figure 11–1, their application in the product’s life cycle and the use of Control Plans are described in the following sections. The various FMEA methodologies are discussed in Chapters 12 to 16.
Guidelines for failure mode and effects analysis
62
Figure 11–1: Relationship between FMEA, Control Plan and product cycle. Different Types of FMEAs Table 11–1 summaries the focuses of the various types of FMEAs. Each type of FMEA is briefly described below: Product/Design FMEA (D-FMEA) The primary focus of D-FMEA is on the product. This includes the components/parts, raw materials used and the features/characteristics of the product. The D-FMEA is important in a product’s life cycle as approximately 76 percent of all engineering changes are due to the correction of bad designs, and the rest are the result of other improvements. Therefore, identifying all potential failures in the design stage is crucial. Process FMEA (P-FMEA) Process FMEA focuses on the manufacturing process, including the process steps, process equipment, process conditions, tooling/fixtures, operator errors, materials quality and so on. This methodology identifies potential or known failure modes and provides follow-up and corrective actions before the first or subsequent production runs.
Product life cycle & FMEA
63
Application FMEA (A-FMEA) Application FMEA focuses on the design application. There are two types of A-FMEA: supplier-side A-FMEA and downstream customer-side A-FMEA. The purpose of the supplier-side A-FMEA is to detect any potential failures of the product relating to the application, design and manufacturing processes of parts and materials acquired from an outside supplier. The downstream customer-side A-FMEA investigates the effects of the customer’s application of the product on the product itself and on the customer. It is used to eliminate confusion and customer complaints. Service FMEA (S-FMEA) Service FMEA focuses on field service after sales—for example, serviceability, spare parts availability and service manpower availability. The objectives of the FMEA are to define, demonstrate and maximize solutions in response to quality, reliability, maintainability, cost and productivity as defined by the design specifications and the customer. These goals are achieved through the active participation of personnel in the departments of customer service, product development, research, quality assurance, marketing and operations. Thus, the focus of the Service FMEA is to minimize failure effects on the service, regardless of what level of FMEA is performed, and to maximize customer satisfaction.
Table 11–1: Focuses of various types of FMEAs Type of FMEA
Product /Design FMEA
Review Design of the product Item
Focus
Determine what could go wrong with the product in both manufacturing operations and in services as a result of weaknesses in the design
Process FMEA
Application FMEA/ Supplier Side
Appl ication FMEA/Down stream Customer Side
Service FMEA
Process (manufacturing and assembly processes)
Your product & the application process
Your product customer’s process
Product
Concentrate on potential failures during manufacturing and in service resulting from non-compliance to specification and/or design intent
Focus on failures of your product relating to parts and components from outside suppliers
Focus on failures of your product, which affect downstream customer’s process
Minimize service failures on the total organization
Failure On product, e.g. On
On the product On the product
On the
Guidelines for failure mode and effects analysis
64
Modes
components, sub-systems, sub-assemblies
manufacturing & process, e.g. equipment, machines, tooling, process steps
Causes
From engineering efforts, e.g. • Improper tolerance • Incorrect stress calculations • Wrong assumptions
From manufacturing and process, e.g. • Missing parts • Adjustment error • Equipment not set up properly • Hardware failure
From the supplier, e.g. • Ambiguous instruction • Insufficient information in user manual
From the customer, e.g. • Wrong interpretation of instruction
From the service provider, e.g. • Human error • Failure to enforce process and quality controls • Improper selection of component parts
Effects
• Impacts to the item being reviewed (Local effects) • Impacts on the end user (End effects) • Impacts between local and end user (Next higher level effects)
• Impacts on the operation itself (Local process effects) • Impacts to downstream operations (Downstream process effects) • The end user of the produced product (End Product Effects)
• Impacts on the significant characteristics of the product (Local effects) • Impacts on the end user (End effects)
• Impacts on the significant characteristics of the product (Local effects) • Impacts on the end user (End effects)
• Impacts on the product/service (Local effects) • Impacts on the end user (End effects)
product/service
Integration of FMEA and Control Plan to Product Cycle Based on Figure 11–1, the following discusses the integration of the FMEAs and Control Plan to the product’s life cycle. Feasibility Phase At this stage, financial and technological feasibility studies are established. The feasibility phase is concluded with the product design target specifications. Product Design and Development Phase At the beginning of the design phase, several candidate concepts are usually developed based on the product design target specifications established in the feasibility phase. Design FMEA (D-FMEA) can be used in the selection of the most promising concept by
Product life cycle & FMEA
65
providing a means of locating respective weaknesses. Although there is often little information made available at this stage, the failure modes can either be established through design analysis or recalls of products with similar design. The causes of failure modes would be mainly engineering related. Once a design is selected, the associated critical characteristics identified in D-FMEA are recorded in the Control Plan. The primary purpose of the Control Plan at this stage is to document and communicate the initial plan for process control. At the end of the design phase, preliminary design and mechanical drawings are available, and the basic process operations (manufacturing and assembly) have been defined. During the development phase, before building the prototype, a more detailed DFMEA can be performed to minimize design defects, eliminate all high-severity hazards and reduce as many medium- and low-severity hazards as possible. As there is considerable flexibility at this early design stage, the cost of major changes to make the device inherently safer would be minimal. The critical design characteristics identified in the FMEA are recorded in the Control Plan (prototype Control Plan). Process Design and Development Phase Based on the product criteria, features and mission requirements, conceptual process designs are established. A preliminary Process FMEA (P-FMEA) can be used in the selection of the most promising concept by providing a means of locating respective weaknesses. The preliminary P-FMEA is also used to solidify product design characteristics and manufacturing processes. When the process design is selected, the PFMEA is expanded by incorporating product characteristics that are identified in the Control Plan. The failure modes in the D-FMEA identify their own causes in the system. These failure modes, which affect the production processes, will also be used for the PFMEA. At the end of the development phase, the P-FMEA reflects the final design of both the product and process and provides risk control/mitigation activities for personnel in production, product support and quality control. The critical process characteristics identified in the FMEA are recorded in the Control Plan (pre-launch Control Plan). Purchasing Phase At this stage, production and tooling planning take place with the P-FMEA focusing on the key characteristics of the processes in production. A-FMEA (supplier side) can be used to evaluate the potential process failures resulting from application of parts, components and materials from outside suppliers. The causes are due to suppliers’ manufacturing processes or designs, but the effects would be on the respective product manufacturing process. The failure modes in the A-FMEA identify their own causes in the system. These failure modes, which affect the manufacturing process, will also be used for the P-FMEA. The key characteristics identified in the FMEA would be recorded in the Control Plan (production Control Plan).
Guidelines for failure mode and effects analysis
66
Production Phase The production Control Plan is executed in the production phase. Prior to post-production activities (e.g. product verification, packaging, distribution and servicing), A-FMEA (customer side) can be used for evaluating the application of the product by the customer (if the product is involved in the customer’s downstream manufacturing process) or the end user (if it is the end product, e.g. reviewing the user instruction manual). In the S-FMEA, the end product is the focus. It is very difficult to evaluate the entire service, especially in the early stage or initiation of the services. In most cases, the service evaluation develops over time and as such the S-FMEA becomes a living document to reflect the changes of the services. The failure causes in the D-FMEA and PFMEA, if not corrected, would have an effect on the end product, which in turn would result in failure modes in the Service FMEA and would lead to product recalls. Table 11–2 shows how each type of FMEA interacts with the Control Plan at various stages of the product cycle.
Table 11–2: Relationship between FMEA, product cycle and Control Plan Stages in Product Cycle
Function
Product Design
Engineering
Product FMEA
Balanced Design
Started
Process Planning
Processing
Process FMEA
Process Seq. & Flow Study
Continued
Sourcing & Suppliers, Quality Planning
Purchasing
Supplier-Side Application FMEA
Key Characteristics of Continued Parts Identified
Production, Tooling Planning
Manufacturing Process FMEA
Key Characteristics of Executed Process Identified
Product Usage & Application
Services
Key Characteristics of Monitored Product Identified
Type of FMEA
Customer-Side Application FMEA & Service FMEA
FMEA Focuses
Control Plan Status
CHAPTER 12 Product/Design FMEA
This chapter describes the objectives of Product/Design FMEA (D-FMEA), recommended team members and recommended information to be included in the FMEA worksheet. It also provides rating guidelines for severity, occurrence and detection. Based on the company’s needs and requirements, additional information can be included in the worksheet. The rating guidelines provided in this chapter are not universal, and each company can modify them to reflect the needs of its organization and the product, as well as the concerns of customers. Objectives ▪ Focus on failure modes caused by design deficiencies; ▪ Maximize design quality, reliability and maintainability while optimizing expenses; ▪ Aim to identify, eliminate or minimize the impact of potential risks to the product and user to an acceptable level with the current state of technology; ▪ Identify critical and/or significant characteristics of the product; ▪ Prioritize the engineering efforts and resources based on the assessment of potential failure impacts to the product or user; ▪ Establish links between design engineering efforts and production, quality and service, together with marketing efforts.
Recommended Team Members The following is a list of recommended team members for Product/Design FMEA: ▪ Product and Development/Manufacturing Engineering; ▪ Quality Assurance; ▪ Research and Development; ▪ Test Engineering; ▪ Reliability Engineering; ▪ Purchasing/Marketing/Customer Service/Complaints Group; ▪ Legal team for product liability purposes for new product development.
Guidelines for failure mode and effects analysis
68
Recommended Information in the Product/Design FMEA Worksheet A recommended worksheet for documenting a D-FMEA is given in Figure 12–1. The worksheet is divided into two main sections: general information inserted above the columns and the actual worksheet columns. Each item in the worksheet is described below. General Information 1. System, Subsystem, or Component name and number
Indicate the level of analysis and enter the system, subsystem or component name and number
2. Prepared By
Indicate the name, telephone number and company of the engineer responsible of preparing the FMEA
3. Design Responsibility
Record the salable number studied or reviewed.
4. FMEA Number
Enter the D-FMEA number used for tracking the document.
5. Page__ of__
Indicate the number of pages of the FMEA worksheet.
6. Key Date
Indicate the initial FMEA due date, this date should not exceed the schedule production design release date.
7. FMEA Date (Orig.)
Specify the date on which the original FMEA study was conducted, and the latest revision date.
8. FMEA Date (Rev.)
Specify the latest revision date.
9. Core Team
Enter the names of individuals and departments that have authority to identify and/or perform tasks.
Columns On the D-FMEA Worksheet 10. Item
Enter the reviewed item’s name and part number.
11. Item Function
Define the function of the item being studied: the purpose, goal or objective of the design. Note: The reviewed item may have more than one function, and each of these functions may have different potential failure modes. In this case, list the functions separately
List the potential failure modes based on failure of the component, subsystem 12. Potential Failure Mode or system under review to perform or deliver the intended function. A good starting point is a review of past things-gone-wrong, concerns, reports and group brainstorming. Examples: leaking, cracked, loosened, inadequate support. 13. Potential Effect(s) of Failure
The potential effects of failure are the impacts and consequences to the affected area. State clearly if the failure mode could impact safety or noncompliance to regulations. Examples of failure effects: Noise, erratic operation, inoperative, regulatory non-compliance.
Product/Design FMEA
69
14. Severity(S)
Severity is an assessment of the most serious effect for a given failure mode. Severity is a relative ranking within the scope of the individual FMEA. A suggested severity ranking is given in Table 12–1. Note: The severity can be reduced only through a change in the design. If such a design modification is attainable, the failure can possibly be eliminated.
15. Class
Use this column to classify any special characteristic, i.e. control, critical, major, key, and significant. This label is not the function. Control items may be controlled by government regulations because failure might affect the general public. Critical items may be safety-related items. Significant items are those, which the designer/engineer has identified as having particular importance to the product.
16. Potential Cause(s)/ Mechanism(s) of Failure
List all potential causes and or failure mechanism for each failure mode. These causes of failure are an indication of design weakness. Typical failure causes may include, but are not limited to: ○ Incorrect material specified; ○ Over-stressing; ○ Improper friction material specified; ○ Excessive heat; ○ Corrosion.
17. Occurrence (O)
Occurrence is the likelihood that a specific failure mode, which is the result of a specific cause under current design control, will happen. Occurrence is a relative ranking within the scope of the individual FMEA. A suggested occurrence ranking is given in Table 12–2.
18. Current Design Controls Prevention
Indicate all controls intended to prevent the causes or mechanism of failure from occurring, or reduce their rates of occurrence. Current controls include those used with the same or similar designs. The initial occurrence rankings will be affected by the prevention controls, provided they are integrated as part of the design intent.
19. Current Design Controls Detection
Indicate all controls (analytical of physical methods) intended to detect the causes or mechanism before the item is released to production. Current controls include those used with the same or similar designs. The initial rankings for detection will be based on design controls that either detects the cause of failure or the failure mode.
20. Detection(D)
Detection is an assessment of the ability of current design controls to identify any potential failure mode if it does occur. Detection is a relative ranking within the scope of the individual FMEA. A suggested detection ranking is given in Table 12–3.
21. Risk Priority Number (RPN)
The Risk Priority Number represents the multi-effects of severity, occurrence and detection. The RPN is calculated by multiplying together these three ratings: Severity, occurrence and detection must have a value greater than zero.
22. Recommended Actions
List your study group’s recommendations for preventing the failure mode or limiting its consequences. The following are examples of corrective actions:
Guidelines for failure mode and effects analysis
70
○ Revised design geometry and/or tolerances; ○ Revised material specification; ○ Design of experiments; ○ Revised test plan. In all cases where the effect of an identified potential failure mode could be a hazard to the end user, preventive/corrective actions should be considered to avoid the failure mode by eliminating, mitigating or controlling the causes. State the name(s) of the team member(s) responsible for ensuring that the recommendations are implemented or properly addressed.
23. Responsibility
Specify the target date for completing the necessary actions. 24. Target Completion Date
Action Results After the preventive/corrective action has been identified, estimate and record the resulting severity, occurrence and detection rankings. Calculate the resulting RPN. If no actions are taken, leave the related ranking columns blank. 25. Actions Taken
List all corrective measures that have been implemented.
26. Severity
The severity rating in this section should indicate the seriousness of the effects of the potential design failure mode after the corrective measures have been implemented.
27. Occurrence
Indicate the occurrence rating after the corrective measures in the “Existing Product Conditions” section have been implemented.
28. Detection
Record the resulting detection rating after the corrective actions have been identified.
Recalculate the Risk Priority Number after the actions have been taken: 29. Risk Priority Number (RPN)
Suggested Risk Guidelines for Product/Design FMEA (D-FMEA) The suggested risk guidelines for severity, occurrence and detection of D-FMEA are given in Tables 12–1, 12–2 and 12–3, respectively.
Table 12–1: Suggested Severity Ranking for DFMEA (1–10 qualitative scale) Effect
Rank
Criteria
None
1
No effect.
Very Slight
2
Negligible effect on product performance. User not affected.
Slight
3
Slight effect on product performance. Non-vital faults will be noticed most of the time.
Product/Design FMEA
71
Minor
4
Minor effect on product performance. User slightly dissatisfied.
Moderate
5
Reduced performance with gradual performance degradation. User dissatisfied.
Severe
6
Product operable and safe but performance degraded. User dissatisfied.
High Severity
7
Product performance severely affected. User very dissatisfied.
Very High Severity
8
Product inoperable but safe. User very dissatisfied.
Extreme Severity
9
Product failure resulting in hazardous effects highly probable. Compliance with government regulations in jeopardy.
Maximum Severity
10
Product failure resulting in hazardous effects almost certain. Noncompliance with government regulations.
Table 12–2: Suggested Occurrence Ranking for D-FMEA (1–10 qualitative scale) Occurrence
Rank
Criteria
Extremely Unlikely
1
Failure highly unlikely.
Remote Likelihood
2
Rare number of failures likely.
Very Low Likelihood
3
Very few failures likely.
Low Likelihood
4
Few failures likely.
Moderately Low Likelihood
5
Occasional failures likely.
Medium Likelihood
6
Medium number of failures likely.
Moderately High Likelihood
7
Moderately high number of failures likely.
High Likelihood
8
High number of failures likely.
Very High Likelihood
9
Very high number of failures likely.
Extremely Likely
10
Failure almost certain.
Table 12–3: Suggested Detection Ranking for DFMEA (1–10 qualitative scale) Detection
Rank
Criteria
Extremely Likely
1
Can be corrected prior to engineering prototype.
Very High Likelihood
2
Can be detected and corrected prior to engineering design release.
High Likelihood
3
Has high effectiveness.
Moderately High Likelihood
4
Has moderately high effectiveness.
Medium Likelihood
5
Has medium effectiveness.
Guidelines for failure mode and effects analysis
72
Moderately Low Likelihood
6
Has moderately low effectiveness.
Low Likelihood
7
Has low effectiveness.
Very Low Likelihood
8
Has lowest effectiveness in each applicable category.
Remote Likelihood
9
Is unproven, unreliable or unknown.
Extremely Unlikely
10
No design technique available or known, and/or none is planned.
Figure 12–1: Sample D-FMEA Worksheet
CHAPTER 13 Process FMEA
This chapter describes the objectives of Process FMEA (P-FMEA), recommended team members and recommended information to be included in the FMEA worksheet. It also provides rating guidelines for severity, occurrence and detection. Based on the company’s needs and requirements, additional information can be included in the worksheet. The rating guidelines provided in this chapter are not universal, and each company can modify them to reflect the needs of its organization and product, as well as the concerns of customers. Objectives • Focus on failure modes caused by process or assembly deficiencies; • Maximize the total process quality, reliability, maintainability and productivity while optimizing expenses; • Aim to identify, eliminate or minimize the impact of potential risks to the process and product, as well as to the end user to an acceptable level with the current state of technology; • Identify critical and/or significant characteristics, which help in developing Control Plans; • Prioritize the manufacturing engineering efforts and resources; • Establish links between manufacturing effort, design engineering, quality and service together with marketing efforts.
Recommended Team Members The following is a list of recommended team members for Process FMEA: ▪ Manufacturing Engineering; ▪ Product Development; ▪ Quality Assurance; ▪ Reliability Engineering; ▪ Purchasing/Marketing/Customer Service/Complaints Group; ▪ Production Control;
Guidelines for failure mode and effects analysis
74
▪ Testing Engineering.
Recommended Information in the Process FMEA Worksheet A recommended worksheet for documenting a P-FMEA is given in Figure 13–1. The worksheet is divided into two main sections: general information inserted above the columns and the actual worksheet columns. Each item in the worksheet is described below. General Information 1. System, Subsystem, or Component name and number
Indicate the level of analysis and enter the system, subsystem or component name and number
2. Prepared By
Indicate the name, telephone number and company of the engineer responsible of preparing the FMEA
3. Process Responsibility
Record the salable number studied or reviewed.
4. FMEA Number
Enter the P-FMEA number used for tracking the document.
5. Page__ of__
Indicate the number of pages of the FMEA worksheet.
6. Key Date
Indicate the initial FMEA due date, this date should not exceed the schedule production design release date.
7. FMEA Date (Orig.)
Specify the date on which the original FMEA study was conducted, and the latest revision date.
8. FMEA Date (Rev.)
Specify the latest revision date.
9. Core Team
Enter the names of individuals and departments that have authority to identify and/or perform tasks.
Columns On the P-FMEA Worksheet 10. Item
Enter the reviewed item’s name and part number.
11. Item Function
Define the function of the item being studied: the purpose, goal or objective of the design. Note: The reviewed item may have more than one function, and each of these functions may have different potential failure modes. In this case, list the functions separately
12. Potential Failure Mode
List the potential failure modes based on failure of the component, subsystem or system under review to perform or deliver the intended function. A good starting point is a review of past things-gone-wrong, concerns, reports and group brainstorming. Examples: leaking, cracked, loosened, inadequate support.
13. Potential
The potential effects of failure are the impacts and consequences to the affected
Process FMEA
Effect(s) of Failure
75
area. State clearly if the failure mode could impact safety or non-compliance to regulations. Examples of failure effects: Noise, erratic operation, inoperative, regulatory non- compliance.
14. Severity (S) Severity is an assessment of the most serious effect for a given failure mode. Severity is a relative ranking within the scope of the individual FMEA. A suggested severity ranking is given in Table 13–1. Note: The severity can be reduced only through a change in the design. If such a design modification is attainable, the failure can possibly be eliminated. 15. Class
Use this column to classify any special characteristic, i.e. control, critical, major, key, significant. This label is not the function. Control items may be controlled by government regulations because failure might affect the general public. Critical items may be safety-related items. Significant items are those which the designer/engineer has identified as having particular importance to the product.
16. Potential Cause(s)/ Mechanism(s) of Failure
List all potential causes and or failure mechanism for each failure mode. These causes of failure are an indication of design weakness. Typical failure causes may include, but are not limited to: a. Incorrect material specified; b. Over-stressing; c. Improper friction material specified; d. Excessive heat; e. Corrosion.
17. Occurrence (O)
Occurrence is the likelihood that a specific failure mode, which is the result of a specific cause under current design control, will happen. Occurrence is a relative ranking within the scope of the individual FMEA. A suggested occurrence ranking is given in Table 13–2.
18. Current Process Indicate all controls intended to prevent the causes or mechanism of failure from occurring, or reduce their rates of occurrence. Current controls Controls include those used with the same or similar designs. Prevention The initial occurrence rankings will be affected by the prevention controls, provided they are integrated as part of the design intent. 19. Current Process Indicate all controls (analytical of physical methods) intended to detect the causes or mechanism before the item is released to production. Current Controls controls include those used with the same or similar designs. The initial Detection rankings for detection will be based on design controls that either detects the cause of failure or the failure mode. 20. Detection(D)
Detection is an assessment of the ability of current design controls to identify any potential failure mode if it does occur. Detection is a relative ranking within the scope of the individual FMEA. A suggested detection ranking is given in Table 13–3.
21. Risk Priority Number (RPN)
The Risk Priority Number represents the multi-effects of severity, occurrence and detection. The RPN is calculated by multiplying together these three ratings: Severity, occurrence and detection must have a value greater than zero.
Guidelines for failure mode and effects analysis
76
22. Recommended Actions
List your study group’s recommendations for preventing the failure mode or limiting its consequences. The following are examples of corrective actions: ○ Revised design geometry and/or tolerances; ○ Revised material specification; ○ Design of experiments; ○ Revised test plan. In all cases where the effect of an identified potential failure mode could be a hazard to the end user, preventive/corrective actions should be considered to avoid the failure mode by eliminating, mitigating or controlling the causes.
23. Responsibility
State the name(s) of the team member(s) responsible for ensuring that the recommendations are implemented or properly addressed.
Specify the target date for completing the necessary actions. 24. Target Completion Date
Action Results After the preventive/corrective action has been identified, estimate and record the resulting severity, occurrence and detection rankings. Calculate the resulting RPN. If no actions are taken, leave the related ranking columns blank. 25. Actions Taken
List all corrective measures that have been implemented.
26. Severity
The severity rating in this section should indicate the seriousness of the effects of the potential design failure mode after the corrective measures have been implemented.
27. Occurrence
Indicate the occurrence rating after the corrective measures in the “Existing Product Conditions” section have been implemented.
28. Detection
Record the resulting detection rating after the corrective actions have been identified.
Recalculate the Risk Priority Number after the actions have been taken: 29. Risk Priority Number (RPN)
Suggested Risk Guidelines for Process FMEA (P-FMEA) The suggested risk guidelines for severity, occurrence and detection of P-FMEA are given in Tables 13–1, 13–2 and 13–3, respectively.
Process FMEA
77
Table 13–1: Suggested Severity Ranking for PFMEA (1–10 qualitative scale) Effect
Rank
Criteria
None
1
Might be noticeable by the operator (Process). Improbable/not noticeable by the user (Product).
Very slight
2
No downstream effect (Process). Insignificant/negligible effect (Product).
Slight
3
User will probably notice the effect but the effect is slight (Process and Product).
Minor
4
Local and/or downstream processes might be affected (Process). User will experience minor negative impact on the product (Product).
Moderate
5
Impacts will be noticeable throughout operations (Process). Reduced performance with gradual performance degradation. User dissatisfied (Product).
Severe
6
Disruption to downstream process (Process). Product operable and safe but performance degraded. User dissatisfied (Product).
High Severity
7
Significant downtime (Process). Product performance severely affected. User very dissatisfied (Product).
Very High Severity
8
Significant downtime and major financial impacts (Process). Product inoperable but safe. User very dissatisfied (Product).
Extreme Severity
9
Failure resulting in hazardous effects highly probable. Safety and regulatory concerns (Process and Product).
Maximum Severity
10
Failure resulting in hazardous effects almost certain. Non- Injury or harm to operating personnel (Process). compliance with government regulations (Product).
Table 13–2: Suggested Occurrence Ranking for PFMEA (1–10 qualitative scale) Occurrence
Rank
Criteria
Extremely Unlikely
1
Failure highly unlikely.
Remote Likelihood
2
Rare number of failures likely.
Very Low Likelihood
3
Very few failures likely.
Low Likelihood
4
Few failures likely.
Moderately Low Likelihood
5
Occasional failures likely.
Medium Likelihood
6
Medium number of failures likely.
Moderately High Likelihood
7
Moderately high number of failures likely.
High Likelihood
8
High number of failures likely.
Very High Likelihood
9
Very high number of failures likely.
Guidelines for failure mode and effects analysis
Extremely Likely
10
78
Failure almost certain.
Table 13–3: Suggested Detection Ranking for PFMEA (1–10 qualitative scale) Detection
Rank
Criteria
Extremely Likely
1
Controls will almost certainly detect the existence of the defect.
Very High Likelihood
2
Controls have a very high probability of detecting the existence of failure.
High Likelihood
3
Has high effectiveness for detection.
Moderately High Likelihood
4
Has moderately high effectiveness for detection.
Medium Likelihood
5
Has medium effectiveness for detection.
Moderately Low Likelihood
6
Has moderately low effectiveness for detection.
Low Likelihood
7
Has low effectiveness for detection.
Very Low Likelihood
8
Has lowest effectiveness in each applicable category.
Remote Likelihood
9
Controls have a very low probability of detecting the existence of a defect.
Extremely Unlikely
10
Controls will almost certainly not detect the existence of a defect.
Figure 13–1: Sample P-FMEA Worksheet
CHAPTER 14 Machinery FMEA
This chapter describes the objectives of Machinery FMEA (M-FMEA), recommended team members and recommended information to be included in the FMEA worksheet. It also provides rating guidelines for severity, occurrence and detection. Based on the company’s needs and requirements, additional information can be included in the worksheet. The rating guidelines provided in this chapter are not universal, and each company can modify them to reflect the needs of its organization and the product, as well as the concerns of customers. Objectives ▪ Ensure that potential failure modes and their effects on the machinery were identified during the design and development process; ▪ Reduce life cycle costs by improving the reliability and durability of the machinery; ▪ Provide information for the development of an efficient preventive maintenance plan; ▪ Aim to identify, eliminate or minimize the impact of potential risks to the product and user to an acceptable level with the current state of technology; ▪ Identify critical and/or significant characteristics of the product; ▪ Prioritize the engineering efforts and resources based on the assessment of potential failure impacts to the product or user; ▪ Establish links between design engineering efforts and production, quality and service, together with marketing efforts.
Recommended Team Members The following is a list of recommended team members for Machinery FMEA: ▪ Machinery-responsible Engineer; ▪ Quality Engineer; ▪ Safety Engineer; ▪ Production Engineer; ▪ Reliability Engineering; ▪ Product and Development/Manufacturing Engineering;
Guidelines for failure mode and effects analysis
80
▪ Purchasing/Marketing/Customer Service/Complaints Group; ▪ Legal team for product liability purposes for new product development.
Recommended Information in the Machinery FMEA Worksheet A recommended worksheet for documenting an M-FMEA is given in Figure 14–1. The worksheet is divided into two main sections: general information inserted above the columns and the actual worksheet columns. Each item in the worksheet is described below. General Information 1. Machinery/System, Subsystem, or Component name and number
Indicate the level of analysis and enter the system, subsystem or component name and number
2. Prepared By
Indicate the name, telephone number and company of the engineer responsible of preparing the FMEA
3. Design Responsibility
Indicate the OEM, department or supplier name if applicable.
4. FMEA Number
Enter the M-FMEA number used for tracking the document.
5. Page__ of__
Indicate the number of pages of the FMEA worksheet.
6. Key Date
Indicate the initial FMEA due date, this date should not exceed the schedule production design release date.
7. FMEA Date (Orig.)
Specify the date on which the original FMEA study was conducted, and the latest revision date.
8. FMEA Date (Rev.)
Specify the latest revision date.
9. Core Team
Enter the names of individuals and departments that have authority to identify and/or perform tasks.
10. Item
Enter the reviewed item’s name and part number.
11. Item Function
Define the function of the item being studied: the purpose, goal or objective of the design. Note: The reviewed item may have more than one function, and each of these functions may have different potential failure modes. In this case, list the functions separately
12. Potential Failure Mode
List the potential failure modes based on failure of the component, subsystem or system under review to perform or deliver the intended function. A good starting point is a review of past things-gone-wrong,
Columns On the M-FMEA Worksheet
Machinery FMEA
81
concerns, reports and group brainstorming. Examples: leaking, cracked, loosened, inadequate support. 13. Potential Effect(s) of Failure
The potential effects of failure are the impacts and consequences to the affected area. State clearly if the failure mode could impact safety or noncompliance to regulations. Examples of failure effects: Noise, erratic operation, inoperative, regulatory non- compliance.
14. Severity(S)
Severity is an assessment of the most serious effect for a given failure mode. Severity is a relative ranking within the scope of the individual FMEA. A suggested severity ranking is given in Table 14–1. Note: The severity can be reduced only through a change in the design. If such a design modification is attainable, the failure can possibly be eliminated.
15. Class
Use this column to classify any special characteristic, i.e. control, critical, major, key, significant. This label is not the function. Control items may be controlled by government regulations because failure might affect the general public. Critical items may be safety-related items. Significant items are those which the designer/engineer has identified as having particular importance to the product.
16. Potential Cause(s)/ Mechanism(s) of Failure
List all potential causes and or failure mechanism for each failure mode. These causes of failure are an indication of design weakness. Typical failure causes may include, but are not limited to: ○ Incorrect material specified; ○ Over-stressing; ○ Improper friction material specified; ○ Excessive heat; ○ Corrosion.
17. Occurrence (O)
Occurrence is the likelihood that a specific failure mode, which is the result of a specific cause under current design control, will happen. Occurrence is a relative ranking within the scope of the individual FMEA. A suggested occurrence ranking is given in Table 14–2.
18. Current Machinery Controls Prevention
Indicate all controls intended to prevent the causes or mechanism of failure from occurring, or reduce their rates of occurrence. Current controls include those used with the same or similar designs. The initial occurrence rankings will be affected by the prevention controls, provided they are integrated as part of the design intent.
19. Current Machinery Controls Detection
Indicate all controls (analytical of physical methods) intended to detect the causes or mechanism before the item is released to production. Current controls include those used with the same or similar designs. The initial rankings for detection will be based on design controls that either detects the cause of failure or the failure mode.
20. Detection(D)
Detection is an assessment of the ability of current design controls to identify any potential failure mode if it does occur. Detection is a relative ranking within the scope of the individual FMEA. A suggested detection ranking is given in Table 14–3.
21. Risk Priority
The Risk Priority Number represents the multi-effects of severity,
Guidelines for failure mode and effects analysis
Number (RPN)
82
occurrence and detection. The RPN is calculated by multiplying together these three ratings: Severity, occurrence and detection must have a value greater than zero.
22. Recommended Actions
List your study group’s recommendations for preventing the failure mode or limiting its consequences. The following are examples of corrective actions: ○ Revised design geometry and/or tolerances; ○ Revised material specification; ○ Design of experiments; ○ Revised test plan. In all cases where the effect of an identified potential failure mode could be a hazard to the end user, preventive/corrective actions should be considered to avoid the failure mode by eliminating, mitigating or controlling the causes.
23. Responsibility
State the name(s) of the team member(s) responsible for ensuring that the recommendations are implemented or properly addressed.
Specify the target date for completing the necessary actions actions. 24. Target Completion Date
Action Results After the preventive/corrective action has been identified, estimate and record the resulting severity, occurrence and detection rankings. Calculate the resulting RPN. If no actions are taken, leave the related ranking columns blank. 25. Actions Taken
List all corrective measures that have been implemented.
26. Severity
The severity rating in this section should indicate the seriousness of the effects of the potential design failure mode after the corrective measures have been implemented.
27. Occurrence
Indicate the occurrence rating after the corrective measures in the “Existing Product Conditions” section have been implemented.
28. Detection
Record the resulting detection rating after the corrective actions have been identified.
29. Risk Priority Number (RPN)
Recalculate the Risk Priority Number after the actions have been taken:
Suggested Risk Guidelines for Machinery FMEA (M-FMEA) The following risk guidelines for severity, occurrence and detection for M-FMEA shown in Tables 14–1, 14–2 and 14–3 respectively are extracted from SAE J1739 Section 5.
Machinery FMEA
83
Table 14–1: Suggested Severity Ranking for MFMEA (1–10 qualitative scale) Effect
Rank
Criteria
None
1
Process parameter variability within specification limits. Adjustment or process controls can be done during normal maintenance.
Very Minor
2
Process parameter variability not within specification limits. Adjustment or other process controls need to be taken during production. No downtime and no production of defective parts.
Minor
3
Downtime of up to 10 minutes but no production of defective parts.
Very Low
4
Downtime of between 10 and 30 minutes but no production of defective parts.
Low
5
Downtime of between 30 minutes and 1 hour or the production of defective parts for up to 1 hour.
Moderate
6
Downtime of between 1 and 4 hours or the production of defective parts for between 1 and 2 hours.
High
7
Downtime of between 4 and 8 hours or the production of defective parts for more than 4 hours.
Very High
8
Downtime of more than 8 hours or the production of defective parts for more than 4 hours.
Hazardous—With Warning
9
High severity ranking—affects operator, plant or maintenance personnel and safety and/or affects non-compliance with government regulations with warning.
Hazardous— Without Warning
10
Very high severity ranking—affects operator, plant or maintenance personnel and safety and/or affects non-compliance with government regulations without warning.
Table 14–2: Suggested Occurrence Ranking for M-FMEA (1–10 qualitative scale) Rank
Occurrence Criteria: Possible Number of Failures within Hours of Operation
Criteria: The Reliability Based on the User’s Required Time
Failure Occurs every 5 Years
1
1 in 25,000
R(t)=98 %: MTBF is 50 times greater than the User’s required time.
Failure Occurs every 2 Years
2
1 in 10,000
R(t)=95 %: MTBF is 20 times greater than the User’s required time.
Failure Occurs every Year
3
1 in 5,000
R(t)=90 %: MTBF is 10 times greater than the User’s required time.
Guidelines for failure mode and effects analysis
84
Failure Occurs every 6 Months
4
1 in 2,500
R(t)=85 %: MTBF is 6 times greater than the User’s required time.
Failure Occurs every 3 Months
5
1 in 1,000
R(t)=78 %: MTBF is 4 times greater than the User’s required time.
Failure Occurs every Month
6
1 in 350
R(t)=60 %: MTBF is 2 times greater than the User’s required time.
Failure Occurs every Week
7
1 in 80
R(t)=37 %: MTBF is equal to the User’s required time.
Failure Occurs every Day
8
1 in 24
R(t)=20 %: MTBF is about 60% of the User’s required time.
Failure Occurs every Shift
9
1 in 8
R(t)=5 %: MTBF is about 30% of the User’s required time.
Failure Occurs every Hour
10
1 in 1
R(t)
View more...
Comments